zeek / zeek-docsLinks
Documentation for Zeek
☆50Updated this week
Alternatives and similar repositories for zeek-docs
Users that are interested in zeek-docs are comparing it to the libraries listed below
Sorting:
- Zeek support for Community ID flow hashing.☆35Updated last year
- Zeek package for tracking long connections to report them before they have completed.☆30Updated 4 months ago
- Plugin for Zeek/Bro which provides http2 decoder/analyzer☆31Updated 11 months ago
- Specifications used in the MISP project including MISP core format☆51Updated 5 months ago
- Integrate Zeek with Alienvault OTX☆25Updated 4 years ago
- Best practices in threat intelligence☆47Updated 2 years ago
- Tool for managing Zeek deployments.☆56Updated this week
- A website and framework for testing NIDS detection☆57Updated 3 years ago
- A Splunk app with saved reports derived from Sigma rules☆73Updated 7 years ago
- Expert Investigation Guides☆51Updated 4 years ago
- automate your MISP installs☆68Updated 4 years ago
- Primary data pipelines for intrusion detection, security analytics and threat hunting☆87Updated 3 years ago
- Bro/Zeek integration with osquery☆94Updated 4 years ago
- ☆20Updated 5 years ago
- A collection of notebooks built for defensive and offensive operations.☆77Updated 4 years ago
- A Spicy protocol analyzer for WireGuard☆29Updated 4 years ago
- ☆33Updated 5 years ago
- A Python implementation of the Community ID flow hashing standard☆23Updated last year
- InvestigationPlaybookSpec☆72Updated 7 years ago
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆34Updated last month
- Collection of walkthroughs on various threat hunting techniques☆75Updated 4 years ago
- Threat Hunting with ELK Workshop (InfoSecWorld 2017)☆66Updated 7 years ago
- Client API to query any Passive DNS implementation following the Passive DNS - Common Output Format.☆81Updated 2 months ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆39Updated last year
- Log Entry to Sigma Rule Converter☆108Updated 3 years ago
- Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.☆69Updated last year
- The default package source of the Zeek Package Manager. Wrote a package? See the README for how to get it included.☆137Updated last week
- Bro script package to create JSON formatted logs to stream into data analysis systems.☆28Updated last year
- Python API Client for Cortex☆32Updated 3 years ago
- Salt States for Configuring the SIFT Workstation☆103Updated 3 weeks ago