ncsa / bro-simple-scan
☆15Updated 7 months ago
Related projects ⓘ
Alternatives and complementary repositories for bro-simple-scan
- scan-detection policies for bro☆15Updated last year
- ☆23Updated 4 years ago
- Bro PCAP Processing and Tagging API☆28Updated 7 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago
- Zeek package to generate a SMB client fingerprint☆26Updated 4 years ago
- Bro Intel Feed Linter☆26Updated 5 years ago
- ☆9Updated 4 years ago
- This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.☆21Updated 6 years ago
- Top DNS Measurement for Bro☆11Updated 4 years ago
- Detect Phishing with Bro IDS☆18Updated 7 years ago
- brocon-15 scripts☆13Updated 7 years ago
- IDS Utility Belt For Automating/Testing Various Things☆30Updated 4 years ago
- A framework that correlates Bro events☆18Updated 11 years ago
- Zeek plugin to generate data on per-packet sizes and intervals☆14Updated 4 years ago
- Detect HTTP stalling attacks like slowloris with Bro☆19Updated 6 years ago
- Exporting MISP event attributes to yara rules usable with Thor apt scanner☆24Updated 7 years ago
- An ICAP Server with yara scanner for URL and content.☆57Updated 3 years ago
- A collection of bro_scripts and signatures☆26Updated 5 years ago
- ☆85Updated 11 years ago
- ☆17Updated 7 years ago
- Various Bro scripts☆96Updated 8 years ago
- JoeSandbox-Bro is a simple bro script which extracts files from your internet connection and analyzes them automatically on Joe Sandbox☆44Updated 5 years ago
- Contributed Bro Scripts☆30Updated 10 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆37Updated last year
- ☆20Updated 3 years ago
- PacketSled's Bro AMQP Writer Plugin☆11Updated 8 years ago
- This is a script module for Bro that encapsulates and detects activity related to the Mandiant APT1 report.☆47Updated 10 years ago