zeek-ids

There are 1 repository under zeek-ids topic.

CriticalPathSecurity / Zeek-Intelligence-Feeds
Zeek-Formatted Threat Intelligence Feeds
malware phishing threat-intelligence threatintel zeek zeek-ids
Language:Zeek 327
tylabs / dovehawk
Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
bro-ids misp misp-sightings threat-hunting threat-intelligence zeek zeek-ids
Language:Zeek 122
blacktop / docker-zeek
Zeek IDS Dockerfile
zeek zeek-ids docker network-monitoring ids kafka elasticsearch
Language:Zeek 99
stratosphereips / zeek_anomaly_detector
A completely automated anomaly detector Zeek network flows files (conn.log).
anomaly-detection zeek zeek-analysis zeek-ids ids intrusion-detection network-security python
Language:Python 68
zeek-flowmeter / zeek-flowmeter
A Zeek script to generate features based on timing, volume and metadata for traffic classification.
zeek zeek-ids cicflowmeter flow machine-learning feature-extraction layer3 classifiers training zeek-flowmeter ipv6-flows packet analysis ipv4
Language:Zeek 53
hardenedlinux / hardenedlinux-zeek-scripts
network-monitoring zeek-ids nix-build
Language:Zeek 38
andrewbeard / broworkshop
Materials for the BSides NoVA/Charleston 2018 Bro Workshop
bro training-materials nsm bsides zeek zeek-ids bro-ids bro-logs workshop
Language:Dockerfile 14
0snap / zeek-cluster
Docker based Zeek IDS worker cluster
bro ids docker intrusion-detection-system cluster zeek-ids zeek bro-ids
Language:Dockerfile 11
blacktop / docker-filebeat
Alpine Linux based Filebeat Docker Image
docker beats elasticsearch filebeat zeek-ids zeek alpine-linux
Language:Shell 10
hardenedlinux / zeek2nix
An operator which calls zeek to nix-ecosystem simply.
zeek-ids zeek-package zeek ids nix network-monitoring
Language:Nix 9
0snap / broker-application-templates
Templates for writing applications using Zeek NSM communication library Broker
broker examples templates intrusion-detection-system zeek zeek-ids nsm network-security-monitoring
Language:Python 5
jakubd / zeekparse
A log parser for common zeek text logs in Golang.
zeek-ids zeek ids network-analysis networking networks
Language:Go 3
0snap / zeek-docker
Zeek IDS and Zeek-Broker Docker images
zeek zeek-ids docker zeek-docker broker zeek-broker broker-docker
Language:Dockerfile 2
bvoris / RaspberryPiZeek
Deployment of Zeek on a Raspberry Pi 4B
raspberry-pi rpi security zeek zeek-ids
2
picatz / fluentd-zeek-conf
🐦 A fluentd config for zeek
fluentd zeek-ids bro-ids configuration-file google-cloud-platform
2
activecm / save_json_stream
JSON TCP stream importer for RITA and AC-Hunter
python3 python-3 zeek zeek-ids bricata rita threat-hunting
Language:Python 1
esnet / zeek_perfsonar_owamp
OWAMP protocol analyzer plugin for Bro/Zeek
bro zeek bro-ids zeek-ids
Language:JavaScript 1
tylabs / dovehawk_flow
DoveHawk.io Anonymized Outgoing Partial Netflow
flow netflow remote threat-hunting threat-intel threat-intelligence zeek zeek-ids
Language:Zeek 1
shivamsaraswat / zeek-scripts
This repository has customised scripts of Zeek IDS.
dns ids networksecurity security zeek-ids
Language:Zeek 0
0snap / decanter
DEteCtion of Anomalous outbouNd HTTP TRaffic by Passive Application Fingerprinting -- fork of original scientific paper code
anomaly-detection bro decanter http traffic-analysis zeek zeek-ids
Language:Python