zeek / zeek-docsLinks
Documentation for Zeek
☆50Updated 2 weeks ago
Alternatives and similar repositories for zeek-docs
Users that are interested in zeek-docs are comparing it to the libraries listed below
Sorting:
- Zeek support for Community ID flow hashing.☆35Updated last year
- A website and framework for testing NIDS detection☆57Updated 3 years ago
- Actionable analytics designed to combat threats based on MITRE's ATT&CK.☆22Updated 5 years ago
- Specifications used in the MISP project including MISP core format☆51Updated 5 months ago
- ☆49Updated 4 years ago
- ☆35Updated 4 years ago
- Python API Client for Cortex☆32Updated 3 years ago
- Tool for managing Zeek deployments.☆56Updated 3 weeks ago
- ☆20Updated 5 years ago
- Zeek package for tracking long connections to report them before they have completed.☆30Updated 4 months ago
- Log Entry to Sigma Rule Converter☆108Updated 3 years ago
- Integrate Zeek with Alienvault OTX☆25Updated 4 years ago
- OSSEM Common Data Model☆55Updated 2 years ago
- Build Automated Machine Images for MISP☆28Updated 2 years ago
- A collection of notebooks built for defensive and offensive operations.☆77Updated 4 years ago
- Best practices in threat intelligence☆47Updated 2 years ago
- Bro/Zeek integration with osquery☆94Updated 4 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆53Updated 2 years ago
- ☆23Updated 5 years ago
- Bro script package to create JSON formatted logs to stream into data analysis systems.☆28Updated last year
- A Splunk app with saved reports derived from Sigma rules☆73Updated 7 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆39Updated 2 years ago
- A Python implementation of the Community ID flow hashing standard☆23Updated last year
- A Spicy protocol analyzer for WireGuard☆29Updated 4 years ago
- Collection of walkthroughs on various threat hunting techniques☆75Updated 4 years ago
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆34Updated last week
- Presentation Slides and Video links☆32Updated 3 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆110Updated 5 years ago
- misp-cloud - Cloud-ready images of MISP☆73Updated 2 years ago
- Cyber Defence Monitoring Course Suite :: Suricata, Arkime (and others in the past)☆106Updated last year