michalpurzynski/zeek-scripts external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

michalpurzynski/zeek-scripts

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/michalpurzynski/zeek-scripts)

Close

michalpurzynski / zeek-scriptsView on GitHubMore

• External links
• Readme badge

zeek-scripts

☆44Dec 27, 2018Updated 7 years ago

Alternatives and similar repositories for zeek-scripts

Users that are interested in zeek-scripts are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• jbaggs / anomalous-dns

  View on GitHub
  A set of zeek scripts providing a module for tracking and correlating abnormal DNS behavior.
  ☆35Jan 4, 2025Updated last year
• hosom / file-extraction

  View on GitHub
  Extract files from network traffic with Zeek.
  ☆102Mar 17, 2020Updated 6 years ago
• SeisoLLC / zeek-kafka

  View on GitHub
  A Zeek log writer plugin that publishes to Kafka.
  ☆53Aug 18, 2025Updated 7 months ago
• stratosphereips / zeek_anomaly_detector

  View on GitHub
  A completely automated anomaly detector Zeek network flows files (conn.log).
  ☆82Aug 5, 2025Updated 7 months ago
• corelight / top-dns

  View on GitHub
  Top DNS Measurement for Bro
  ☆10Aug 22, 2020Updated 5 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• tianyulab / ThreatDetectionRules

  View on GitHub
  威胁检测规则集
  ☆15Jul 5, 2019Updated 6 years ago
• theparanoids / rdfp

  View on GitHub
  Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
  ☆40Jun 20, 2023Updated 2 years ago
• IBM / pySigma-backend-QRadar-AQL

  View on GitHub
  QRadar AQL backend for converting Sigma rules to QRadar AQL queries
  ☆14Sep 18, 2025Updated 6 months ago
• corelight / got_zoom

  View on GitHub
  A Zeek package that detects Zoom logins and meeting joins
  ☆12Apr 15, 2020Updated 5 years ago
• initconf / smtp-url-analysis

  View on GitHub
  Extracting and analyzing URLs from Emails for phishing events
  ☆21Oct 22, 2020Updated 5 years ago
• zeek / zeek-af_packet-plugin

  View on GitHub
  Plugin providing native AF_Packet support for Zeek.
  ☆33Oct 22, 2025Updated 5 months ago
• advanced-threat-research / Ripple-20-Detection-Logic

  View on GitHub
  Ripple20 Critical Vulnerabilities - Detection Logic and Signatures
  ☆12May 28, 2021Updated 4 years ago
• mitre-attack / bzar

  View on GitHub
  A set of Zeek scripts to detect ATT&CK techniques.
  ☆622Jun 26, 2024Updated last year
• corelight / detect-ransomware-filenames

  View on GitHub
  ☆18Dec 20, 2024Updated last year
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• michalpurzynski / bro-gramming

  View on GitHub
  Bro IDS programs collection.
  ☆146Oct 16, 2019Updated 6 years ago
• cisagov / ACID

  View on GitHub
  ☆75Apr 3, 2025Updated 11 months ago
• spitfire55 / MegaDev

  View on GitHub
  Bro IDS + ELK Stack to detect and block data exfiltration
  ☆46Oct 31, 2018Updated 7 years ago
• sudohyak / suricata-rules

  View on GitHub
  Suricata rules for the new critical vulnerabilities
  ☆84Jan 26, 2021Updated 5 years ago
• secureworks / aristotle

  View on GitHub
  ☆38Nov 2, 2024Updated last year
• MITRECND / bro-http2

  View on GitHub
  Plugin for Zeek/Bro which provides http2 decoder/analyzer
  ☆30Jun 11, 2024Updated last year
• tylabs / dovehawk

  View on GitHub
  Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
  ☆122Jul 12, 2021Updated 4 years ago
• corelight / json-streaming-logs

  View on GitHub
  Zeek package to create JSON formatted logs to stream into data analysis systems.
  ☆30Dec 3, 2025Updated 3 months ago
• Security-Onion-Solutions / securityonion-bro-scripts

  View on GitHub
  ☆24Jan 19, 2020Updated 6 years ago
• Open source password manager - Proton Pass • Ad
  Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
• oguzpamuk / HuntingWithPowershell

  View on GitHub
  Windows log and threat hunting with powershell
  ☆16Dec 11, 2020Updated 5 years ago
• zeek / zeek-training

  View on GitHub
  Zeek Training Materials/Products
  ☆41Mar 12, 2026Updated 2 weeks ago
• reber0 / vtest

  View on GitHub
  用于辅助安全工程师漏洞挖掘、测试、复现，集合了mock、httplog、dns tools、xss，可用于测试各类无回显、无法直观判断或特定场景下的漏洞。
  ☆11Apr 2, 2021Updated 4 years ago
• CriticalPathSecurity / Zeek-Intelligence-Feeds

  View on GitHub
  Zeek-Formatted Threat Intelligence Feeds
  ☆392Updated this week
• SCILabsMX / yaraZeekAlert

  View on GitHub
  This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…
  ☆62Dec 16, 2023Updated 2 years ago
• emdnaia / OpenOCD

  View on GitHub
  some config files
  ☆14Feb 23, 2026Updated last month
• ajackal / ir_scripts

  View on GitHub
  incident response scripts
  ☆18Mar 4, 2019Updated 7 years ago
• dgunter / ParseZeekLogs

  View on GitHub
  Utility for parsing Bro log files into CSV or JSON format
  ☆41Jan 12, 2023Updated 3 years ago
• bro / bro-osquery

  View on GitHub
  Bro integration with osquery
  ☆15Mar 24, 2023Updated 3 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• ssh3ll / Windows-10-Hardening

  View on GitHub
  ☆53Aug 22, 2021Updated 4 years ago
• corelight / pycommunityid

  View on GitHub
  A Python implementation of the Community ID flow hashing standard
  ☆23Nov 29, 2023Updated 2 years ago
• corelight / ecs-mapping

  View on GitHub
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆33Mar 16, 2026Updated last week
• esnet / dpdk-plugin

  View on GitHub
  ☆29Nov 15, 2022Updated 3 years ago
• breakerspace / weaponizing-residual-censorship

  View on GitHub
  your censor is my censor: weaponizing residual censorship to perform availability attacks
  ☆22Aug 10, 2021Updated 4 years ago
• dhondta / malicious-macro-tester

  View on GitHub
  CLI tool for testing Office documents with macros using MaliciousMacroBot
  ☆12Dec 3, 2023Updated 2 years ago
• w1u0u1 / exec

  View on GitHub
  Use current thread token to execute command
  ☆15Jan 27, 2021Updated 5 years ago