There is 1 repository under the zeek-ids topic.
Zeek-Formatted Threat Intelligence Feeds
A completely automated anomaly detector for Zeek network flow files (conn.log).
A Zeek script to generate features based on timing, volume and metadata for traffic classification.
Materials for the BSides NoVA/Charleston 2018 Bro Workshop
Docker based Zeek IDS worker cluster
Alpine Linux based Filebeat Docker Image
An operator which calls zeek to nix-ecosystem simply.
Templates for writing applications using Zeek NSM communication library Broker
Zeek IDS and Zeek-Broker Docker images
🐦 A fluentd config for zeek
JSON TCP stream importer for RITA and AC-Hunter
DoveHawk.io Anonymized Outgoing Partial Netflow
This repository has customised scripts of Zeek IDS.
DEteCtion of Anomalous outbouNd HTTP TRaffic by Passive Application Fingerprinting -- fork of original scientific paper code