bro

There are 6 repositories under bro topic.

zeek / zeek
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
bro network-monitoring pcap security nsm dfir zeek
Language:C++ 5920
ivre / ivre
Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more! Uses Nmap, Masscan, Zeek, p0f, etc.
bro hacktoberfest masscan network network-analysis network-discovery network-monitoring network-security nmap nmap-parser nmap-results-analyse nmap-scripts osint osint-python osint-reconnaissance python scan-ports scans security zeek
Language:Python 3299
SuperCowPowers / zat
Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark
python networking security bro pandas scikit-learn spark zeek kafka zeek-analysis data-analysis
Language:Jupyter Notebook 414
g3tsyst3m / BriarIDS
An All-In-One home intrusion detection system (IDS) solution for the Raspberry PI.
raspberry-pi suricata raspbian monitor bro intrusion-detection raspberrypi securityonion internetofthings iot
Language:Python 211
blacktop / docker-bro
Bro IDS Dockerfile
bro bro-ids docker network-monitoring network-analysis ids kafka elasticsearch
Language:Zeek 130
zeek / packages
The default package source of the Zeek Package Manager. Wrote a package? See the README for how to get it included.
bro network-monitoring nsm package-management packages pcap plugins security
128
hosom / file-extraction
Extract files from network traffic with Zeek.
bro extract-files zeek zeek-package
Language:Zeek 100
zeek / broker
Zeek's Messaging Library
bro caf pubsub zeek
Language:C++ 63
mytechnotalent / Zeek-Network-Security-Monitor
A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
zeek bro network-security cybersecurity cyber-security cyber cyber-threat-intelligence cyber-security-team pcap network-traffic network-analysis network-monitoring network zeek-instance lesson conn network-security-monitoring hacking hack
Language:Zeek 58
spitfire55 / MegaDev
Bro IDS + ELK Stack to detect and block data exfiltration
bro filebeat scala elasticsearch logstash zeek
Language:Bro 47
zeek / zeek-docs
Documentation for Zeek
bro dfir network-monitoring nsm pcap security zeek
Language:Zeek 46
JustinAzoff / flow-indexer
Flow-Indexer indexes flows found in chunked log files from bro,nfdump,syslog, or pcap files
bro netflow index search-engine pcap
Language:Go 45
shadonet / pfSense-pkg-zeek
Zeek (formerly Bro) Network Security Monitor package for pfSense router/firewall
php xml xml-rpc javascript ajax bash firewall zeek pfsense-pkg-zeek bro pfsense ssh pfsense-router
Language:PHP 42
zeek / package-manager
A package manager for Zeek
bro network-monitoring nsm package-manager packages pcap plugin-manager security
Language:Python 42
seiyria / status-list
A list of your various social statii.
status list bro burn doge rekt rip spook swag told
35
binorassocies / brostash
brostash: Linux distribution based on Debian and focusing on network security events collection
bro-ids pf-ring debian linux-distribution filebeat security linux elk packetbeat bro
Language:Shell 34
AlkenePan / awesome-bro
Useful resources for Zeek(https://zeek.org/) (Bro(http://bro.org/))
bro nsm awesome
31
hosom / bro-otx
Integrate Zeek with Alienvault OTX
bro alienvault-otx otx threatintel
Language:Python 24
anl-cyberscience / LQMToolset
Flexible framework that allows automation to process cyber threat information and update endpoint defense tools.
python endpoint-defense cybersecurity splunk palo-alto-firewalls checkpoint bro
Language:Python 21
bro
openpeeps / bro
Bro - A super fast stylesheet language for cool kids! Alternative to SassC, DartSass SassJS and Less.
awesome-nim bro bro-lang css css-compiler csstree dart-sass developer-tools development-tools front-end-development frontend hacktoberfest javascript nim nim-lang nodejs sass scss stylesheet-language webdevelopment
Language:Nim 19
alias454 / graylog-zeek-content-pack
BRO/Zeek IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog tcp input to capture and index BRO/Zeek logs coming from a remote sensor.
bro ids graylog security-onion graylog-content-pack zeek
18
satta / gommunityid
Go implementation of the Community ID flow hashing standard
flow-hashing network-monitoring network-security network-security-monitoring community-id suricata zeek bro go golang
Language:Go 18
andrewbeard / broworkshop
Materials for the BSides NoVA/Charleston 2018 Bro Workshop
bro training-materials nsm bsides zeek zeek-ids bro-ids bro-logs workshop
Language:Dockerfile 14
irtimmer / bro-xdp_packet-plugin
Plugin providing AF_XDP support for Bro.
bro xdp
Language:C 14
0snap / zeek-cluster
Docker based Zeek IDS worker cluster
bro ids docker intrusion-detection-system cluster zeek-ids zeek bro-ids
Language:Dockerfile 11
GridProtectionAlliance / ARMORE
Applied Resiliency for More Trustworthy Grid Operation
securing-communications bro
Language:JavaScript 11
Azer0s / brolang
The brogramming language for real bros
bro esoteric-language esolang yeet
Language:D 9
hosom / odd-services
Detect weird services on a network.
bro nsm intrusion-detection
Language:Bro 8
mellow-hype / bro-stash
Collect and parse Bro logs with Logstash+Filebeat
bro logstash filebeat infosec nsm
8
tenzir / zeek-mac-ages
:bulb: Enhance Zeek with MAC address ages
bro zeek mac-address
Language:C++ 8
ahmadjd94 / Bro-ID-Log-Analyzer
BILA: BRO IDS Logs Analyzer
security bro log-analyzer ids bro-ids plotly sqlite3
Language:Python 7
alias454 / bro-formula
A saltstack formula to install BRO network security monitor on RHEL or Debian based systems
automation bro ids monitoring network nsm salt-formula saltstack security zeek
Language:SaltStack 7
bonifield / splunk_on_security_onion
Splunk configs for Security Onion
bro forwarder onion security splunk sysmon zeek
7
tylabs / dovehawk_dns
DoveHawk Passive DNS Collector Module for Zeek
zeek bro pdns dns threat-hunting threat-intelligence dovehawk
Language:Zeek 7
ZeerBit / zeerbit-ecs-pipeline
Elastic Common Schema (ECS) ingest pipeline for Zeek network traffic analyzer
zeek pipeline ecs bro elasticsearch siem
Language:Lua 7
geekscrapy / bro2csv
Take Bro .log files and output as csv
bro csv dfir
Language:Python 6

bro

zeek / zeek

ivre / ivre

SuperCowPowers / zat

g3tsyst3m / BriarIDS

blacktop / docker-bro

zeek / packages

hosom / file-extraction

zeek / broker

mytechnotalent / Zeek-Network-Security-Monitor

spitfire55 / MegaDev

zeek / zeek-docs

JustinAzoff / flow-indexer

shadonet / pfSense-pkg-zeek

zeek / package-manager

seiyria / status-list

binorassocies / brostash

AlkenePan / awesome-bro

hosom / bro-otx

anl-cyberscience / LQMToolset

openpeeps / bro

alias454 / graylog-zeek-content-pack

satta / gommunityid

andrewbeard / broworkshop

irtimmer / bro-xdp_packet-plugin

0snap / zeek-cluster

GridProtectionAlliance / ARMORE

Azer0s / brolang

hosom / odd-services

mellow-hype / bro-stash

tenzir / zeek-mac-ages

ahmadjd94 / Bro-ID-Log-Analyzer

alias454 / bro-formula

bonifield / splunk_on_security_onion

tylabs / dovehawk_dns

ZeerBit / zeerbit-ecs-pipeline

geekscrapy / bro2csv