nturley3/zeek-kerberos-haters-guide external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

nturley3/zeek-kerberos-haters-guide

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/nturley3/zeek-kerberos-haters-guide)

Close

nturley3 / zeek-kerberos-haters-guideView on GitHubMore

• External links
• Readme badge

Kerberos Haters Guide to Zeek Threat Hunting

☆34Oct 14, 2021Updated 4 years ago

Alternatives and similar repositories for zeek-kerberos-haters-guide

Users that are interested in zeek-kerberos-haters-guide are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• theparanoids / rdfp

  View on GitHub
  Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
  ☆40Jun 20, 2023Updated 2 years ago
• blueteam0ps / det-eng-samples

  View on GitHub
  This repository contains sample log data that were collected after running adversary simulations in Microsoft 365
  ☆24Oct 9, 2024Updated last year
• emojifier / emojifier

  View on GitHub
  Set your logs on fire with Emoji-🔥!
  ☆15Oct 9, 2020Updated 5 years ago
• corelight / zerologon

  View on GitHub
  Zeek package to detect Zerologon
  ☆11Nov 10, 2021Updated 4 years ago
• corelight / zeek-community-id

  View on GitHub
  Zeek support for Community ID flow hashing.
  ☆37Jul 11, 2023Updated 2 years ago
• Deploy open-source AI quickly and easily - Special Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• 0xl3x1 / zeek-EternalSafety

  View on GitHub
  Zeek package for detecting the Eternal* exploits and a set of SMBv1 protocol violations.
  ☆19Aug 21, 2025Updated 8 months ago
• corelight / conn-burst

  View on GitHub
  A Bro package to identify connections that are bursting (lots of data and transferring quickly).
  ☆13Oct 15, 2020Updated 5 years ago
• tbarabosch / apihash_to_yara

  View on GitHub
  Generates YARA rules to detect malware using API hashing
  ☆17Mar 16, 2021Updated 5 years ago
• corelight / zeek-long-connections

  View on GitHub
  Zeek package for tracking long connections to report them before they have completed.
  ☆31Nov 25, 2025Updated 5 months ago
• activecm / zeek-open-connections

  View on GitHub
  ☆17Mar 24, 2026Updated last month
• micrictor / spl-spt

  View on GitHub
  Zeek plugin to generate data on per-packet sizes and intervals
  ☆14Apr 21, 2020Updated 6 years ago
• PingTrip / broctl-setcap

  View on GitHub
  Broctl plugin for automatically executing 'setcap' on each node after an install
  ☆13Dec 18, 2020Updated 5 years ago
• yahoo / winjob

  View on GitHub
  Parser for Windows Scheduled Task files.
  ☆13Apr 26, 2023Updated 3 years ago
• corelight / detect-ransomware-filenames

  View on GitHub
  ☆18Dec 20, 2024Updated last year
• Deploy open-source AI quickly and easily - Special Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• invictus-ir / o365_dataset

  View on GitHub
  A dataset containing Office 365 Unified Audit Logs for security research and detection
  ☆59Jun 7, 2022Updated 3 years ago
• alfarom256 / CVE-2022-45451

  View on GitHub
  PoC for Acronis Arbitrary File Read - CVE-2022-45451
  ☆18Dec 20, 2022Updated 3 years ago
• tonybaloney / sciencelogic

  View on GitHub
  A ScienceLogic EM7 API client for Python
  ☆15Jan 16, 2026Updated 3 months ago
• ethack / tht

  View on GitHub
  Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science
  ☆152May 1, 2026Updated last week
• 1RedOne / PSImgur

  View on GitHub
  A PowerShell module for working with Imgur
  ☆10Nov 11, 2015Updated 10 years ago
• brianveldman / azure-bicep

  View on GitHub
  Infrastructure as Code (IaC) repository for deploying and managing Azure resources using Bicep. It also includes examples of working with…
  ☆20Apr 22, 2026Updated 2 weeks ago
• corelight / threat-hunting-guide

  View on GitHub
  ☆58Mar 4, 2022Updated 4 years ago
• micrictor / smbfp

  View on GitHub
  Zeek package to generate a SMB client fingerprint
  ☆27May 5, 2020Updated 6 years ago
• BlackCatDeployment / SCCM

  View on GitHub
  Stuff like scripts or tools for Microsoft System Center Configuration Manager
  ☆18Oct 15, 2021Updated 4 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• axon-git / rapid-response

  View on GitHub
  Repository for storage of Axon Rapid Response related queries, scripts and more
  ☆10Jul 22, 2025Updated 9 months ago
• activecm / zcutter

  View on GitHub
  Extracts fields from zeek logs, compatible with zeek-cut
  ☆27Jul 10, 2024Updated last year
• WiredPulse / EIF_Parser

  View on GitHub
  Evil Inject Finder Remote Capability and Parser
  ☆11Nov 22, 2018Updated 7 years ago
• alanrenouf / PowerActions

  View on GitHub
  A project to help share common scripts in the PowerActions web client fling
  ☆11Jul 26, 2015Updated 10 years ago
• Cyb3rWard0g / ATTACK-Python-Client

  View on GitHub
  Python Script to access ATT&CK content available in STIX via a public TAXII server
  ☆13Dec 21, 2024Updated last year
• 0xthirteen / mtprocess

  View on GitHub
  Python script to leverage MSFT_MTProcess WMI class
  ☆40Sep 17, 2025Updated 7 months ago
• sebdraven / IOCmite

  View on GitHub
  Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert
  ☆37Nov 9, 2022Updated 3 years ago
• activecm / docker-zeek

  View on GitHub
  Run zeek with zeekctl in docker
  ☆63May 1, 2026Updated last week
• rpm-software-management / urlgrabber

  View on GitHub
  ☆16Jun 28, 2023Updated 2 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• neu5ron / dynamic_dns_lists

  View on GitHub
  Lists of Dynamic DNS Domains/FQDNs as well as lists of services/providers that offer free dynamic dns domains.
  ☆13Nov 2, 2021Updated 4 years ago
• mixmodeai / bro_intel_linter

  View on GitHub
  Bro Intel Feed Linter
  ☆26Aug 30, 2019Updated 6 years ago
• kicker83 / ELK-Networking

  View on GitHub
  Repository with logstash, elasticsearch and kibana configs. Palo Alto, Juniper, BlueCoat, etc.
  ☆21Jun 5, 2024Updated last year
• randomaccess3 / detections

  View on GitHub
  ☆50Apr 4, 2026Updated last month
• dfranciscus / Invoke-Win10Upgrade

  View on GitHub
  Powershell module for remote upgrades of Windows 7/8 to Windows 10
  ☆13May 28, 2019Updated 6 years ago
• StrangerealIntel / DeltaFlare

  View on GitHub
  ☆12Jun 29, 2021Updated 4 years ago
• caschnee / misp-use-cases

  View on GitHub
  ☆14May 30, 2018Updated 7 years ago