Zeek package to generate a SMB client fingerprint
☆27May 5, 2020Updated 5 years ago
Alternatives and similar repositories for smbfp
Users that are interested in smbfp are comparing it to the libraries listed below
Sorting:
- Zeek plugin to generate data on per-packet sizes and intervals☆14Apr 21, 2020Updated 5 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆40Jun 20, 2023Updated 2 years ago
- Extensions for Zeek's Intelligence Framework.☆11Mar 1, 2022Updated 4 years ago
- Python tool for converting from joy format to JA3 format SSL/TLS hashes☆11Jun 3, 2020Updated 5 years ago
- A Spicy protocol analyzer for WireGuard☆29Aug 11, 2020Updated 5 years ago
- Go implementation of the Community ID flow hashing standard☆21Apr 17, 2025Updated 10 months ago
- ☆14Jan 14, 2026Updated last month
- GQUIC Protocol Analyzer for Zeek (Bro) Network Security Monitor☆80Sep 13, 2023Updated 2 years ago
- Ready to run scripts for network analysis☆91Mar 20, 2025Updated 11 months ago
- ☆21Oct 16, 2021Updated 4 years ago
- Zeek support for Community ID flow hashing.☆36Jul 11, 2023Updated 2 years ago
- Suricata JSON schema project☆12Jan 5, 2020Updated 6 years ago
- Bro/Zeek integration with osquery☆93Nov 2, 2020Updated 5 years ago
- A framework that correlates Bro events☆18Oct 25, 2013Updated 12 years ago
- Bro analyzer that detects Google's QUIC protocol☆10Mar 2, 2021Updated 5 years ago
- Open source HIDS tailored for Microsoft Windows and Active Directory☆29Feb 13, 2026Updated 2 weeks ago
- Serverless honeytoken 🕵🏻♂️☆81Jan 10, 2023Updated 3 years ago
- DHCP Fingerprinting☆31Dec 15, 2020Updated 5 years ago
- line based tcp load balancing proxy.☆14Jun 18, 2024Updated last year
- A Zeek plugin to POST logs over HTTP.☆13Feb 10, 2020Updated 6 years ago
- Bro things..☆15Oct 23, 2015Updated 10 years ago
- Generate network maps from packet captures☆30Sep 15, 2019Updated 6 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2☆14Oct 12, 2020Updated 5 years ago
- Dockerfiles for NSM tools☆84Apr 14, 2017Updated 8 years ago
- A Zeek package for the passive detection of "Ripple20" vulnerabilities in the Treck TCP/IP stack.☆33Jun 29, 2022Updated 3 years ago
- The default package source of the Zeek Package Manager. Wrote a package? See the README for how to get it included.☆143Updated this week
- Command-line Interface for Binar.ly☆39Jan 13, 2017Updated 9 years ago
- ☆37Dec 17, 2020Updated 5 years ago
- FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆16Oct 12, 2018Updated 7 years ago
- Golang implementation of PyMISP-feedgenerator☆18Jul 31, 2022Updated 3 years ago
- ☆13Oct 7, 2019Updated 6 years ago
- Mapping the ATT&CK matrix in a Cowrie honeypot☆16Aug 31, 2018Updated 7 years ago
- Meeting notes☆14Apr 5, 2016Updated 9 years ago
- repo for sharing stuff☆17Jul 1, 2025Updated 8 months ago
- A package manager for Zeek☆47Jan 8, 2026Updated last month
- Log4j Exploit Detection Logic for Zeek☆19Nov 25, 2025Updated 3 months ago
- Zeek package for detecting the Eternal* exploits and a set of SMBv1 protocol violations.☆19Aug 21, 2025Updated 6 months ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆122Jul 12, 2021Updated 4 years ago
- Data exfiltration using DNS☆24Dec 28, 2019Updated 6 years ago