Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
☆40Jun 20, 2023Updated 2 years ago
Alternatives and similar repositories for rdfp
Users that are interested in rdfp are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Zeek plugin to generate data on per-packet sizes and intervals☆14Apr 21, 2020Updated 6 years ago
- Zeek package to generate a SMB client fingerprint☆27May 5, 2020Updated 6 years ago
- Plugin providing native AF_Packet support for Zeek.☆33Oct 22, 2025Updated 7 months ago
- A Zeek package that detects Zoom logins and meeting joins☆12Apr 15, 2020Updated 6 years ago
- ☆14Jan 14, 2026Updated 4 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Zeek package to detect Zerologon☆11Nov 10, 2021Updated 4 years ago
- A Spicy protocol analyzer for WireGuard☆28Aug 11, 2020Updated 5 years ago
- Extensions for Zeek's Intelligence Framework.☆11Mar 1, 2022Updated 4 years ago
- Zeek package for detecting the Eternal* exploits and a set of SMBv1 protocol violations.☆19Aug 21, 2025Updated 9 months ago
- Golang implementation of PyMISP-feedgenerator☆18Jul 31, 2022Updated 3 years ago
- ☆18Dec 20, 2024Updated last year
- Log4j Exploit Detection Logic for Zeek☆19Nov 25, 2025Updated 6 months ago
- Plugin providing AF_XDP support for Bro.☆15May 10, 2021Updated 5 years ago
- GQUIC Protocol Analyzer for Zeek (Bro) Network Security Monitor☆81Sep 13, 2023Updated 2 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Dockerized Zeek☆12Mar 9, 2024Updated 2 years ago
- Bro analyzer that detects Google's QUIC protocol☆11Mar 2, 2021Updated 5 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆122Jul 12, 2021Updated 4 years ago
- line based tcp load balancing proxy.☆14Jun 18, 2024Updated last year
- This module detects HTTP requests that are non RFC compliant and used for smuggling☆12Mar 16, 2023Updated 3 years ago
- How to Zeek Sysmon Logs!☆102Feb 12, 2022Updated 4 years ago
- Sniffpass will alert on cleartext passwords discovered in HTTP POST requests☆17Oct 30, 2023Updated 2 years ago
- Enables Zeek to communicate with Tenzir☆11Jul 20, 2023Updated 2 years ago
- FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network …☆682Oct 28, 2023Updated 2 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Kerberos Haters Guide to Zeek Threat Hunting☆34Oct 14, 2021Updated 4 years ago
- Proof of concept communications from C# via a web browser process☆21Feb 15, 2019Updated 7 years ago
- HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints…☆549May 1, 2025Updated last year
- Plugin for Zeek/Bro which provides http2 decoder/analyzer☆30Jun 11, 2024Updated last year
- A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.☆10Sep 17, 2019Updated 6 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆124Nov 19, 2020Updated 5 years ago
- ☆30Nov 15, 2022Updated 3 years ago
- Add POST body excerpt to Bro's HTTP log☆14Dec 10, 2025Updated 5 months ago
- Zeek support for Community ID flow hashing.☆37Jul 11, 2023Updated 2 years ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Zeek package for tracking long connections to report them before they have completed.☆31Nov 25, 2025Updated 6 months ago
- Extracting and analyzing URLs from Emails for phishing events☆22Mar 28, 2026Updated last month
- Growing collection of Spicy-based protocol and file analyzers for Zeek☆32Sep 16, 2024Updated last year
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆40Aug 18, 2022Updated 3 years ago
- ☆13Oct 7, 2019Updated 6 years ago
- Bro scripts to monitor for new hosts within a subnet range that aren't whitelisted/vetted.☆13Jun 28, 2013Updated 12 years ago
- A simple way of detecting multithreaded exfiltration in Zeek.☆15May 1, 2025Updated last year