michalpurzynski/zeek-scripts external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

michalpurzynski/zeek-scripts

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/michalpurzynski/zeek-scripts)

Close

michalpurzynski / zeek-scriptsView on GitHubMore

• External links
• Readme badge

zeek-scripts

☆44Dec 27, 2018Updated 7 years ago

Alternatives and similar repositories for zeek-scripts

Users that are interested in zeek-scripts are comparing it to the libraries listed below

• jbaggs / anomalous-dns

  View on GitHub
  A set of zeek scripts providing a module for tracking and correlating abnormal DNS behavior.
  ☆35Jan 4, 2025Updated last year
• tianyulab / ThreatDetectionRules

  View on GitHub
  威胁检测规则集
  ☆15Jul 5, 2019Updated 6 years ago
• SeisoLLC / zeek-kafka

  View on GitHub
  A Zeek log writer plugin that publishes to Kafka.
  ☆53Aug 18, 2025Updated 6 months ago
• stratosphereips / zeek_anomaly_detector

  View on GitHub
  A completely automated anomaly detector Zeek network flows files (conn.log).
  ☆82Aug 5, 2025Updated 7 months ago
• zeek / zeek-af_packet-plugin

  View on GitHub
  Plugin providing native AF_Packet support for Zeek.
  ☆33Oct 22, 2025Updated 4 months ago
• theparanoids / rdfp

  View on GitHub
  Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
  ☆40Jun 20, 2023Updated 2 years ago
• michalpurzynski / bro-gramming

  View on GitHub
  Bro IDS programs collection.
  ☆146Oct 16, 2019Updated 6 years ago
• reber0 / vtest

  View on GitHub
  用于辅助安全工程师漏洞挖掘、测试、复现，集合了mock、httplog、dns tools、xss，可用于测试各类无回显、无法直观判断或特定场景下的漏洞。
  ☆11Apr 2, 2021Updated 4 years ago
• advanced-threat-research / Ripple-20-Detection-Logic

  View on GitHub
  Ripple20 Critical Vulnerabilities - Detection Logic and Signatures
  ☆12May 28, 2021Updated 4 years ago
• corelight / top-dns

  View on GitHub
  Top DNS Measurement for Bro
  ☆10Aug 22, 2020Updated 5 years ago
• corelight / got_zoom

  View on GitHub
  A Zeek package that detects Zoom logins and meeting joins
  ☆12Apr 15, 2020Updated 5 years ago
• LubyRuffy / FingerPrinting-Ripple20

  View on GitHub
  Treck Network Stack Discovery Tool [Ripple20]
  ☆12Jul 1, 2020Updated 5 years ago
• emdnaia / OpenOCD

  View on GitHub
  some config files
  ☆14Feb 23, 2026Updated last week
• secureworks / aristotle

  View on GitHub
  ☆38Nov 2, 2024Updated last year
• GossiTheDog / fixes

  View on GitHub
  Fixes and patches
  ☆20Dec 3, 2020Updated 5 years ago
• joeavanzato / ThreatSim

  View on GitHub
  Threat Simulator for Enterprise Networks
  ☆14May 14, 2022Updated 3 years ago
• tylabs / dovehawk

  View on GitHub
  Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
  ☆122Jul 12, 2021Updated 4 years ago
• mitre-attack / bzar

  View on GitHub
  A set of Zeek scripts to detect ATT&CK techniques.
  ☆621Jun 26, 2024Updated last year
• LennyLeng / SOC_Sankey_Generator

  View on GitHub
  ☆57Dec 15, 2020Updated 5 years ago
• rivitna / APT

  View on GitHub
  ☆14Oct 25, 2022Updated 3 years ago
• DfirJos / CnC-detection

  View on GitHub
  Detecting PowerShell Empire, Metasploit Meterpreter and Cobalt Strike agents by payload size sequence analysis and host correlation
  ☆15Aug 17, 2018Updated 7 years ago
• oguzpamuk / HuntingWithPowershell

  View on GitHub
  Windows log and threat hunting with powershell
  ☆16Dec 11, 2020Updated 5 years ago
• zeek / zeek-training

  View on GitHub
  Zeek Training Materials/Products
  ☆41Feb 2, 2026Updated last month
• salesforce / bro-sysmon

  View on GitHub
  How to Zeek Sysmon Logs!
  ☆103Feb 12, 2022Updated 4 years ago
• RickGray / zgrab-mini

  View on GitHub
  Minimal version for https://github.com/zmap/zgrab.
  ☆16Sep 17, 2022Updated 3 years ago
• threatrack / cti_report_collection

  View on GitHub
  Repository collecting and automagically processing public threat intelligence reports.
  ☆18May 1, 2020Updated 5 years ago
• Alir3z4 / ansible-suricata

  View on GitHub
  An Ansible playbook for deploying the Suricata intrusion detection system and fetching Snort rules with Oinkmaster.
  ☆17Oct 30, 2021Updated 4 years ago
• agners / heartbleed_test_openvpn

  View on GitHub
  Heartbleed test script for OpenVPN
  ☆34Apr 10, 2014Updated 11 years ago
• hardenedlinux / hardenedlinux-zeek-scripts

  View on GitHub
  ☆39Dec 4, 2023Updated 2 years ago
• cisagov / ACID

  View on GitHub
  ☆75Apr 3, 2025Updated 11 months ago
• corelight / zeek-community-id

  View on GitHub
  Zeek support for Community ID flow hashing.
  ☆36Jul 11, 2023Updated 2 years ago
• corelight / detect-ransomware-filenames

  View on GitHub
  ☆18Dec 20, 2024Updated last year
• cybera / zeek-sniffpass

  View on GitHub
  Sniffpass will alert on cleartext passwords discovered in HTTP POST requests
  ☆17Oct 30, 2023Updated 2 years ago
• bro / bro-osquery

  View on GitHub
  Bro integration with osquery
  ☆15Mar 24, 2023Updated 2 years ago
• SEC-GO / Red-vs-Blue

  View on GitHub
  红蓝对抗交流心得
  ☆106Apr 8, 2020Updated 5 years ago
• B0fH / yara-suricata

  View on GitHub
  A Yara Lua output script for Suricata
  ☆20Apr 7, 2019Updated 6 years ago
• Security-Onion-Solutions / securityonion-bro-scripts

  View on GitHub
  ☆24Jan 19, 2020Updated 6 years ago
• StephenOTT / TAXII-Server

  View on GitHub
  TAXII Server supporting the 2.1 spec.
  ☆20Mar 30, 2020Updated 5 years ago
• ajackal / ir_scripts

  View on GitHub
  incident response scripts
  ☆18Mar 4, 2019Updated 7 years ago