salesforce/multithreaded-exfil-detection external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

salesforce/multithreaded-exfil-detection

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/salesforce/multithreaded-exfil-detection)

Close

salesforce / multithreaded-exfil-detectionView on GitHubMore

• External links
• Readme badge

A simple way of detecting multithreaded exfiltration in Zeek.

☆15May 1, 2025Updated 10 months ago

Alternatives and similar repositories for multithreaded-exfil-detection

Users that are interested in multithreaded-exfil-detection are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• zeek / spicy-analyzers

  View on GitHub
  Growing collection of Spicy-based protocol and file analyzers for Zeek
  ☆32Sep 16, 2024Updated last year
• tenzir / dockerized-zeek

  View on GitHub
  Dockerized Zeek
  ☆12Mar 9, 2024Updated 2 years ago
• corelight / zerologon

  View on GitHub
  Zeek package to detect Zerologon
  ☆11Nov 10, 2021Updated 4 years ago
• precurse / zeek-httpattacks

  View on GitHub
  This module detects HTTP requests that are non RFC compliant and used for smuggling
  ☆12Mar 16, 2023Updated 3 years ago
• corelight / zeek2es

  View on GitHub
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆39Aug 18, 2022Updated 3 years ago
• corelight / zeek-long-connections

  View on GitHub
  Zeek package for tracking long connections to report them before they have completed.
  ☆31Nov 25, 2025Updated 4 months ago
• cmcmsec / suricata_open

  View on GitHub
  ☆13Feb 25, 2021Updated 5 years ago
• theparanoids / spicy-noise

  View on GitHub
  A Spicy protocol analyzer for WireGuard
  ☆29Aug 11, 2020Updated 5 years ago
• DCSO / Blog_CyTec

  View on GitHub
  Repository to provide files related to our blog articles.
  ☆16May 26, 2025Updated 9 months ago
• SUMGlobal / bazel-micronaut-example

  View on GitHub
  Example code for post: http://sumglobal.com/2020/03/10/bazel-and-micronaut
  ☆14Sep 21, 2020Updated 5 years ago
• corelight / detect-ransomware-filenames

  View on GitHub
  ☆18Dec 20, 2024Updated last year
• corelight / log-add-http-post-bodies

  View on GitHub
  Add POST body excerpt to Bro's HTTP log
  ☆14Dec 10, 2025Updated 3 months ago
• theparanoids / rdfp

  View on GitHub
  Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
  ☆40Jun 20, 2023Updated 2 years ago
• BinaryDefense / beacon-fronting

  View on GitHub
  A simple command line program to help defender test their detections for network beacon patterns and domain fronting
  ☆70Feb 3, 2022Updated 4 years ago
• corelight / CVE-2021-42292

  View on GitHub
  A Zeek package to detect CVE-2021-42292, a Microsoft Excel local privilege escalation exploit.
  ☆18Nov 11, 2021Updated 4 years ago
• cgrindel / bazel-starlib

  View on GitHub
  Rules, macros, and APIs that are useful for the implementation of Bazel repositories.
  ☆18Mar 11, 2026Updated 2 weeks ago
• 0xl3x1 / zeek-EternalSafety

  View on GitHub
  Zeek package for detecting the Eternal* exploits and a set of SMBv1 protocol violations.
  ☆19Aug 21, 2025Updated 7 months ago
• brimdata / brimcap

  View on GitHub
  Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
  ☆93Apr 25, 2025Updated 11 months ago
• zeek / zeek-af_packet-plugin

  View on GitHub
  Plugin providing native AF_Packet support for Zeek.
  ☆33Oct 22, 2025Updated 5 months ago
• cybera / zeek-sniffpass

  View on GitHub
  Sniffpass will alert on cleartext passwords discovered in HTTP POST requests
  ☆17Oct 30, 2023Updated 2 years ago
• raphaeldelio / bluesky-bot

  View on GitHub
  ☆17Feb 24, 2025Updated last year
• j91321 / ansible-role-auditbeat

  View on GitHub
  Ansible role to install auditbeat for security monitoring. (Ruleset included)
  ☆15Nov 16, 2023Updated 2 years ago
• salesforce / bazel-maven-proxy

  View on GitHub
  A local (read-only) proxy for Bazel to access Maven resources behind a secure repository or from the local Maven repository
  ☆24Apr 18, 2023Updated 2 years ago
• satta / gommunityid

  View on GitHub
  Go implementation of the Community ID flow hashing standard
  ☆22Apr 17, 2025Updated 11 months ago
• meteorcloudy / bzlmod-examples

  View on GitHub
  Example usages of Bzlmod feature in Bazel
  ☆16Sep 7, 2021Updated 4 years ago
• mytechnotalent / Zeek-Network-Security-Monitor

  View on GitHub
  A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the…
  ☆62Nov 26, 2025Updated 3 months ago
• woanware / etw-event-dumper

  View on GitHub
  ☆33Feb 26, 2022Updated 4 years ago
• unsync / astral-docker

  View on GitHub
  Docker deployment configuration for Astral app - a GitHub stars organizer application with Laravel and PHP.
  ☆13May 2, 2020Updated 5 years ago
• amzn / zeek-plugin-tds

  View on GitHub
  Zeek network security monitor plugin that enables parsing of the Tabular Data Stream (TDS) protocol
  ☆25May 30, 2024Updated last year
• dfir-scripts / EverReady-Disk-Mount

  View on GitHub
  Disk Image Mounting Script
  ☆11Jan 22, 2026Updated 2 months ago
• elastic / siglearn

  View on GitHub
  Code for BH21 talk: "Generating YARA Rules by Classifying Malicious Byte Sequences"
  ☆17Feb 6, 2025Updated last year
• salesforce / bazel-java-sdk

  View on GitHub
  ☆26Feb 20, 2023Updated 3 years ago
• nickvsnetworking / Scratch-n-Sniff

  View on GitHub
  Remote packet Sniffer that encapsulates captured packets into TZSP and copies them to a remote IP
  ☆21Nov 19, 2025Updated 4 months ago
• sud0woodo / Urgent11-Suricata-LUA-scripts

  View on GitHub
  Suricata LUA scripts to detect CVE-2019-12255, CVE-2019-12256, CVE-2019-12258, and CVE-2019-12260
  ☆19Nov 28, 2019Updated 6 years ago
• TractionOnDemand / TractionSyncProxy

  View on GitHub
  Salesforce and Google Sheet synchronization via Heroku proxy
  ☆13Aug 16, 2017Updated 8 years ago
• marcohu / rules_antlr

  View on GitHub
  ANTLR rules for Bazel
  ☆26Sep 18, 2023Updated 2 years ago
• cudeso / dfir-iris-misp-timesketch

  View on GitHub
  Scripts to integrate DFIR-IRIS, MISP and TimeSketch
  ☆36Feb 2, 2022Updated 4 years ago
• thecyberhex / awesome-security

  View on GitHub
  A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
  ☆14Aug 30, 2017Updated 8 years ago
• amzn / zeek-plugin-enip

  View on GitHub
  Zeek network security monitor plugin that enables parsing of the Ethernet/IP and Common Industrial Protocol standards
  ☆46May 30, 2024Updated last year