Zeek package to detect Zerologon
☆11Nov 10, 2021Updated 4 years ago
Alternatives and similar repositories for zerologon
Users that are interested in zerologon are comparing it to the libraries listed below
Sorting:
- ☆18Dec 20, 2024Updated last year
- A Bro package to identify connections that are bursting (lots of data and transferring quickly).☆13Oct 15, 2020Updated 5 years ago
- Zeek plugin to generate data on per-packet sizes and intervals☆14Apr 21, 2020Updated 5 years ago
- Zeek package for detecting the Eternal* exploits and a set of SMBv1 protocol violations.☆19Aug 21, 2025Updated 6 months ago
- Zeek support for Community ID flow hashing.☆36Jul 11, 2023Updated 2 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆40Jun 20, 2023Updated 2 years ago
- Python3 Module to interact with the SonicWall® SonicOS API☆14Jan 6, 2025Updated last year
- Dockerized Zeek☆12Mar 9, 2024Updated last year
- Python library to get the Alexa rank of the domain of any URL☆10Jan 28, 2013Updated 13 years ago
- This module detects HTTP requests that are non RFC compliant and used for smuggling☆12Mar 16, 2023Updated 2 years ago
- Extensions for Zeek's Intelligence Framework.☆11Mar 1, 2022Updated 4 years ago
- A Spicy protocol analyzer for WireGuard☆29Aug 11, 2020Updated 5 years ago
- A Zeek package that detects Zoom logins and meeting joins☆12Apr 15, 2020Updated 5 years ago
- A simple way of detecting multithreaded exfiltration in Zeek.☆15May 1, 2025Updated 10 months ago
- A Zeek plugin to POST logs over HTTP.☆13Feb 10, 2020Updated 6 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2☆14Oct 12, 2020Updated 5 years ago
- A Zeek package for the passive detection of "Ripple20" vulnerabilities in the Treck TCP/IP stack.☆33Jun 29, 2022Updated 3 years ago
- Add POST body excerpt to Bro's HTTP log☆14Dec 10, 2025Updated 2 months ago
- Plugin providing native AF_Packet support for Zeek.☆33Oct 22, 2025Updated 4 months ago
- A set of zeek scripts providing a module for tracking and correlating abnormal DNS behavior.☆35Jan 4, 2025Updated last year
- ☆13Oct 7, 2019Updated 6 years ago
- Sniffpass will alert on cleartext passwords discovered in HTTP POST requests☆17Oct 30, 2023Updated 2 years ago
- Log4j Exploit Detection Logic for Zeek☆19Nov 25, 2025Updated 3 months ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆24Oct 9, 2024Updated last year
- Zeek network security monitor plugin that enables parsing of the Ethernet/IP and Common Industrial Protocol standards☆46May 30, 2024Updated last year
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆122Jul 12, 2021Updated 4 years ago
- A series of Bro Scripts created for detection purposes.☆19Nov 18, 2016Updated 9 years ago
- Kerberos Haters Guide to Zeek Threat Hunting☆35Oct 14, 2021Updated 4 years ago
- Social Media Post scheduler☆23Jan 12, 2017Updated 9 years ago
- Zeek network security monitor plugin that enables parsing of the Tabular Data Stream (TDS) protocol☆25May 30, 2024Updated last year
- Zeek package to generate a SMB client fingerprint☆27May 5, 2020Updated 5 years ago
- Various Modules & Scripts for use with Viper Framework☆27Aug 20, 2019Updated 6 years ago
- Zeek package for tracking long connections to report them before they have completed.☆31Nov 25, 2025Updated 3 months ago
- ☆12May 13, 2020Updated 5 years ago
- ☆16Jul 28, 2020Updated 5 years ago
- Generate network maps from packet captures☆30Sep 15, 2019Updated 6 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆124Nov 19, 2020Updated 5 years ago
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆33Nov 3, 2025Updated 3 months ago
- Growing collection of Spicy-based protocol and file analyzers for Zeek☆32Sep 16, 2024Updated last year