stratosphereips / zeek_anomaly_detector
A completely automated anomaly detector for Zeek network flow files (conn.log).
☆82 Aug 5, 2025 Updated 6 months ago
Alternatives and similar repositories for zeek_anomaly_detector
Users who are interested in zeek_anomaly_detector are comparing it to the libraries listed below.
- ☆45 Nov 18, 2025 Updated 2 months ago
- Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark ☆451 Jan 16, 2024 Updated 2 years ago
- Zeek network security monitor plugin that enables parsing of the Ethernet/IP and Common Industrial Protocol standards ☆46 May 30, 2024 Updated last year
- zeek-scripts ☆45 Dec 27, 2018 Updated 7 years ago
- Enables Zeek to communicate with Tenzir ☆11 Jul 20, 2023 Updated 2 years ago
- A Zeek script to generate features based on timing, volume and metadata for traffic classification. ☆58 Nov 8, 2020 Updated 5 years ago
- A Zeek package that detects Zoom logins and meeting joins ☆12 Apr 15, 2020 Updated 5 years ago
- Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors i… ☆857 Updated this week
- Utility for parsing Bro log files into CSV or JSON format ☆41 Jan 12, 2023 Updated 3 years ago
- Add POST body excerpt to Bro's HTTP log ☆14 Dec 10, 2025 Updated 2 months ago
- Zeek plugin to generate data on per-packet sizes and intervals ☆14 Apr 21, 2020 Updated 5 years ago
- Useful resources for Zeek (https://zeek.org/) (Bro (http://bro.org/)) ☆31 Apr 17, 2020 Updated 5 years ago
- Zeek network security monitor plugin that enables parsing of the Profinet protocol ☆30 May 30, 2024 Updated last year
- Mapping Corelight or Zeek data to Elastic Common Schema fields ☆34 Nov 3, 2025 Updated 3 months ago
- Zeek BACnet Parser - CISA ICSNPP ☆22 Nov 6, 2025 Updated 3 months ago
- A set of Zeek scripts to detect ATT&CK techniques. ☆620 Jun 26, 2024 Updated last year
- GQUIC Protocol Analyzer for Zeek (Bro) Network Security Monitor ☆80 Sep 13, 2023 Updated 2 years ago
- Automatic detection engineering technical state compliance ☆55 Jul 7, 2024 Updated last year
- Extract files from network traffic with Zeek. ☆102 Mar 17, 2020 Updated 5 years ago
- Cybersecurity Ontology (CyberOnto) and Situational Awareness (CyberSA) help teamwork in Cyber Incident Responses, Control, Containment, a… ☆10 Sep 15, 2022 Updated 3 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for… ☆38 Aug 18, 2022 Updated 3 years ago
- Repository of all the sites related to infosec IP/Domain/Hash/SSL/etc OSINT and eventually will include more. ☆70 Oct 30, 2025 Updated 3 months ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat… ☆62 Dec 16, 2023 Updated 2 years ago
- A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the… ☆62 Nov 26, 2025 Updated 2 months ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings ☆122 Jul 12, 2021 Updated 4 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2 ☆124 Nov 19, 2020 Updated 5 years ago
- Zeek network security monitor plugin that enables parsing of the Tabular Data Stream (TDS) protocol ☆25 May 30, 2024 Updated last year
- INACTIVE - http://mzl.la/ghe-archive - Zeek Extreme Performance Tuning ☆26 Oct 10, 2019 Updated 6 years ago
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det… ☆172 May 23, 2023 Updated 2 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine. ☆75 Jan 18, 2022 Updated 4 years ago
- ☆42 Sep 16, 2022 Updated 3 years ago
- Netcap Tensorflow Deep Neural Network ☆15 Apr 26, 2020 Updated 5 years ago
- TLS Tracing examples using eBPF against the OpenSSL Library ☆15 Jun 26, 2022 Updated 3 years ago
- This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses. ☆21 Sep 30, 2022 Updated 3 years ago
- How to Zeek Sysmon Logs! ☆103 Feb 12, 2022 Updated 4 years ago
- Adversary Emulation Planner ☆42 Jan 9, 2026 Updated last month
- A web-based tool to assist the work of the intuitive threat analysts. ☆114 Feb 9, 2019 Updated 7 years ago
- Yara filetype plugin for Vim. ☆14 Feb 18, 2021 Updated 4 years ago
- Integrated MALware Simulator and Emulator ☆13 Dec 10, 2013 Updated 12 years ago