tenzir / zeek-tenzir
Enables Zeek to communicate with Tenzir
☆11Updated last year
Alternatives and similar repositories for zeek-tenzir:
Users that are interested in zeek-tenzir are comparing it to the libraries listed below
- Complementary material to presentations at events☆9Updated 2 years ago
- Zeek support for Community ID flow hashing.☆35Updated last year
- ☆23Updated 4 years ago
- A Spicy protocol analyzer for WireGuard☆29Updated 4 years ago
- Zeek plugin to generate data on per-packet sizes and intervals☆14Updated 4 years ago
- Plugin for Zeek/Bro which provides http2 decoder/analyzer☆31Updated 9 months ago
- Extensions for Zeek's Intelligence Framework.☆11Updated 3 years ago
- A Python implementation of the Community ID flow hashing standard☆23Updated last year
- scan-detection policies for bro☆15Updated 2 months ago
- Build Automated Machine Images for MISP☆28Updated last year
- ☆12Updated 5 years ago
- A Bro package to identify connections that are bursting (lots of data and transferring quickly).☆13Updated 4 years ago
- Zeek package to detect Zerologon☆11Updated 3 years ago
- Specifications used in the MISP project including MISP core format☆51Updated 2 months ago
- Bro script package to create JSON formatted logs to stream into data analysis systems.☆28Updated last year
- CyCAT.org taxonomies☆14Updated 3 years ago
- ☆14Updated 11 months ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆19Updated 2 years ago
- CyCAT.org API back-end server including crawlers☆29Updated 2 years ago
- Integrate Zeek with Alienvault OTX☆25Updated 4 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆39Updated last year
- Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists☆32Updated last month
- OSSEC Decoder & Rulesets for Sysmon Events☆15Updated 9 years ago
- Zeek package to generate a SMB client fingerprint☆27Updated 4 years ago
- Best practices in threat intelligence☆46Updated 2 years ago
- Zeek package for tracking long connections to report them before they have completed.☆30Updated last month
- OpenDXL Broker is an open source version of a Data Exchange Layer (DXL) broker☆14Updated last year
- Log4j Exploit Detection Logic for Zeek☆19Updated 10 months ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Updated 4 years ago
- This module detects HTTP requests that are non RFC compliant and used for smuggling☆12Updated 2 years ago