| | Python | 3 | Extracts fields from zeek logs, compatible with zeek-cut | Apr 26, 2023 |
| | None | 2 | Elasticsearch mapping for Zeek logs | Nov 23, 2020 |
| | Zeek | 4 | cve-2022-21907 | Mar 21, 2022 |
| | Zeek | 4 | A Zeek Mach-o File Analyzer | Oct 14, 2020 |
| | Zeek | 4 | A Zeek OSPF packet analyzer based on Spicy. | Dec 24, 2021 |
| | Zeek | 4 | A Zeek Wireguard protocol analyzer based on Spicy. | Jan 29, 2022 |
| | Zeek | 4 | Scripts to define custom http log | Jun 20, 2022 |
| | Zeek | 5 | Zeek Modbus Extension Scripts - CISA ICSNPP | May 10, 2022 |
| | Zeek | 5 | Zeek Plugin that detects CallStranger (CVE-2020-12695) attempts (http://callstranger.com/) | Feb 22, 2022 |
| | Zeek | 5 | A network detection package for CVE-2020-5902, a CVE10.0 vulnerability affecting F5 Networks, Inc BIG-IP devices. | Oct 24, 2021 |
| | Zeek | 5 | Add VLAN tags to all Zeek logs | Jul 29, 2022 |
| | Zeek | 5 | A Zeek JPEG File Analyzer | Aug 06, 2021 |
| | Zeek | 5 | Zeek intel file indicators based on the block-doh by bambenek | Jun 10, 2022 |
| | Zeek | 6 | CVE-2021-38647 AKA "OMIGOD" vulnerability in Windows OMI | Feb 11, 2022 |
| | Zeek | 6 | LDAP analyzer | Apr 27, 2022 |
| | Zeek | 7 | None | Aug 25, 2021 |
| | Zeek | 7 | Zeek DNP3 Extension Scripts - CISA ICSNPP | Jun 30, 2022 |
| | Zeek | 7 | Detection of RCE in Oracle's WebLogic Server CVE-2020-14882 / CVE-2020-14750 | Jul 13, 2022 |
| | Zeek | 7 | A Zeek package to detect the Pingback malware ICMP tunnel command and control (C2) network … | Aug 05, 2021 |
| | Zeek | 8 | A network detection package for CVE-2020-16898 (Windows TCP/IP Remote Code Execution Vulnerability) | Oct 24, 2021 |
| | Zeek | 10 | This demo illustrates how to use Confluent to optimize your Security Information and Event Management … | Jun 15, 2022 |
| | Zeek | 10 | Detection of attempts to exploit Microsoft Windows DNS server via CVE-2020-1350 (AKA SIGRed) | Jan 14, 2021 |
| | Zeek | 10 | Bro Detection Scripts | Aug 05, 2021 |
| | Zeek | 11 | Zeek Ethernet/IP and CIP Parser - CISA ICSNPP | May 30, 2022 |
| | Zeek | 11 | A Zeek package that detects Zoom logins and meeting joins | Jan 12, 2022 |
| | Zeek | 11 | Top DNS Measurement for Bro | Jul 09, 2021 |
| | Zeek | 11 | A Zeek ELF File Analyzer | Jan 09, 2022 |
| | Zeek | 12 | Zeek package to detect Zerologon | Dec 15, 2021 |
| | Zeek | 13 | A simple way of detecting multithreaded exfiltration in Zeek. | Jul 18, 2022 |
| | Zeek | 13 | This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2 | Mar 05, 2022 |
| | Zeek | 2 | None | Jan 11, 2023 |
| | Zeek | 4 | Add geolocation fields to Zeek "conn" logs | Apr 12, 2023 |
| | Zeek | 7 | A vulnerability scan detection script for Zeek | Jun 11, 2021 |
| | Zeek | 2 | Add more filenames to files.log from HTTP requests | Feb 23, 2022 |
| | Zeek | 2 | Zeek script using the official ICANN Top-Level Domain (TLD) list with the Input Framework to … | Feb 12, 2022 |
| | Zeek | 2 | None | Jul 08, 2022 |
| | Zeek | 2 | Detection of Linux Malware C2 RedXOR - demonstration | Oct 24, 2021 |
| | Zeek | 2 | Clear SSL State earlier to reduce memory usage | Apr 28, 2022 |
| | Zeek | 2 | None | Aug 15, 2022 |
| | Zeek | 3 | Zeek Package that extracts features from IRC communication | Sep 21, 2020 |
| | Zeek | 3 | reduce amount of tracked smb state | Apr 28, 2022 |
| | Zeek | 3 | A Zeek OpenVPN protocol analyzer, based on Spicy. | Jan 21, 2022 |
| | Zeek | 3 | Zeek Unit Testing. Provides a framework to write unit tests for Zeek scripts. | Oct 24, 2021 |
| | Zeek | 3 | None | Mar 02, 2022 |
| | Zeek | 14 | HTTP Protocol Stack CVE-2021-31166 | Jul 07, 2022 |
| | Zeek | 15 | None | Oct 20, 2021 |
| | Zeek | 15 | A Zeek package to detect CVE-2021-42292, a Microsoft Excel local privilege escalation exploit. | Jul 04, 2022 |
| detect-ransomware-filenames | Zeek | 15 | None | Nov 04, 2021 |
| | Zeek | 17 | None | Jun 10, 2022 |
| | Zeek | 18 | Log4j Exploit Detection Logic for Zeek | Feb 09, 2022 |