26 results found Sort:

zeek
zeek zeek
1.2k
6.2k
other
353
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
bro nsm dfir pcap zeek security network-monitoring
Created 2012-07-06
16,621 commits to master branch, last one 3 days ago
ivre
ivre ivre
629
3.4k
gpl-3.0
171
Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligenc...
bro nmap zeek osint scans python masscan network security scan-ports nmap-parser nmap-scripts osint-python hacktoberfest network-analysis network-security network-discovery network-monitoring nmap-results-analyse osint-reconnaissance
Created 2014-09-12
3,955 commits to master branch, last one 2 days ago
deepfence
PacketStreamer deepfence
253
1.9k
apache-2.0
13
:star: :star: Distributed tcpdump for cloud native environments :star: :star:
soc pcap zeek snort secops suricata infosectools tcpdump-like hacktoberfest observability packet-capture packet-sniffer security-tools forensics-tools network-analysis traffic-monitoring
Created 2022-03-25
61 commits to main branch, last one 8 months ago
cisagov
Malcolm cisagov
302
1.8k
other
54
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
pcap zeek arkime infosec security suricata opensearch cybersecurity networksecurity network-security opensearch-dashboards networktrafficanalysis network-traffic-analysis
Created 2019-05-13
4,092 commits to main branch, last one 2 days ago
cisagov
LME cisagov
59
763
other
18
Logging Made Easy (LME) is a no-cost and open logging and protective monitoring solution serving all organizations.
elk log zeek elastic logging security elk-stack cybersecurity elasticsearch security-tools network-analysis
Created 2023-10-06
98 commits to main branch, last one 29 days ago
stratosphereips
StratosphereLinuxIPS stratosphereips
164
667
other
32
Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors in the network traffic. Stratosphere Laboratory, AIC, FEL, CVUT ...
ai ids ips pcap zeek docker gsoc-2023 gsoc-2024 machine-learning network-analysis network-security stratosphere-ips endpoint-protection intrusion-detection-system intrusion-prevention-system
Created 2015-12-08
11,359 commits to master branch, last one 15 days ago
tenzir
tenzir tenzir
85
623
bsd-3-clause
35
Open source security data pipelines.
soc pcap siem zeek sigma dataops netflow security suricata pipelines secdataops investigation threathunting incident-response
Created 2010-09-23
21,140 commits to main branch, last one 2 days ago
SuperCowPowers
zat SuperCowPowers
109
422
mit
39
Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark
bro zeek kafka spark pandas python security networking scikit-learn data-analysis zeek-analysis
Created 2017-03-22
572 commits to main branch, last one 5 months ago
V1D1AN
S1EM V1D1AN
77
394
mit
18
This project is a SIEM with SIRP and Threat Intel, all in one.
n8n misp mwdb yara zeek sigma arkime cortex docker kibana malware opencti thehive filebeat logstash suricata zircolite velociraptor elasticsearch
Created 2021-05-11
636 commits to master branch, last one 5 months ago
CriticalPathSecurity
Zeek-Intelligence-Feeds CriticalPathSecurity
46
329
mit
14
Zeek-Formatted Threat Intelligence Feeds
zeek malware phishing zeek-ids threatintel threat-intelligence
Created 2020-08-20
141 commits to master branch, last one 9 hours ago
tenzir
threatbus tenzir
16
256
bsd-3-clause
26
🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.
cif ids cif3 misp zeek opencti sightings threat-bus threatintel threat-hunting opencti-connector threat-intelligence threat-intelligence-data
This repository has been archived (exclude archived)
Created 2019-01-31
857 commits to main branch, last one 2 years ago
zeek
spicy zeek
36
237
other
22
C++ parser generator for dissecting protocols & files.
zeek spicy parsing security
Created 2020-04-06
3,432 commits to main branch, last one a day ago
DynamiteAI
dynamite-nsm DynamiteAI
22
165
gpl-3.0
11
DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat detection
zeek ipfix agents kibana python netflow python3 logstash suricata dashboards dynamite-nsm elasticsearch network-traffic network-analysis
Created 2019-06-17
1,370 commits to master branch, last one 2 years ago
tylabs
dovehawk tylabs
24
122
mit
9
Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
misp zeek bro-ids zeek-ids misp-sightings threat-hunting threat-intelligence
Created 2018-08-24
57 commits to master branch, last one 2 years ago
ethack
tht ethack
19
119
mit
10
Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science
zeek docker threat-hunting
Created 2021-03-17
403 commits to main branch, last one 28 days ago
brimdata
brimcap brimdata
8
72
bsd-3-clause
7
Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
pcap zeek suricata brim-desktop
Created 2021-03-27
1,418 commits to main branch, last one 14 hours ago
stratosphereips
zeek_anomaly_detector stratosphereips
31
70
gpl-2.0
5
A completely automated anomaly detector Zeek network flows files (conn.log).
ids zeek python zeek-ids zeek-analysis network-security anomaly-detection intrusion-detection
Created 2019-08-03
82 commits to main branch, last one 11 months ago
Truvis
CheatSheets Truvis
11
67
unknown
7
Collection of scripts, files, and tips to create and maintain networks, hack, and more!
siem snmp zeek linux kibana splunk pfsense windows elkstack filebeat logstash opnsense security dashboards packetbeat cheatsheets elasticsearch security-audit security-tools network-monitoring
Created 2019-02-20
169 commits to master branch, last one 3 years ago
zeek
broker zeek
28
64
other
20
Zeek's Messaging Library
bro caf zeek pubsub
Created 2014-07-09
1,995 commits to master branch, last one 4 days ago
mytechnotalent
Zeek-Network-Security-Monitor mytechnotalent
11
59
apache-2.0
6
A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples...
bro conn hack pcap zeek cyber lesson hacking network cybersecurity zeek-instance cyber-security network-traffic network-analysis network-security network-monitoring cyber-security-team cyber-threat-intelligence network-security-monitoring
Created 2020-02-07
25 commits to main branch, last one about a year ago
zeek
zeek-agent-v2 zeek
5
58
other
12
Open source endpoint agent providing host information to Zeek. [v2]
zeek
Created 2021-12-06
333 commits to main branch, last one 3 months ago
zeek
zeek-docs zeek
60
48
other
20
Documentation for Zeek
bro nsm dfir pcap zeek security network-monitoring
Created 2019-01-17
1,058 commits to master branch, last one 8 days ago
amzn
zeek-plugin-enip amzn
15
45
bsd-3-clause
11
Zeek network security monitor plugin that enables parsing of the Ethernet/IP and Common Industrial Protocol standards
zeek ics-security zeek-package security-tools
Created 2019-10-04
25 commits to master branch, last one 3 months ago
activecm
docker-zeek activecm
16
44
mit
5
Run zeek with zeekctl in docker
zeek docker zeekctl hacktoberfest
Created 2020-05-21
52 commits to master branch, last one about a year ago
SeisoLLC
zeek-kafka SeisoLLC
15
43
apache-2.0
10
A Zeek log writer plugin that publishes to Kafka.
zeek kafka seiso security zeek-kafka zeek-package
Created 2020-12-31
80 commits to main branch, last one 2 months ago
signorrayan
SplunkThreatHunting signorrayan
7
33
unknown
1
This repository contains Splunk queries to hunt some anomalies
zeek splunk sysmon suricata dashboard fortigate threat-hunting anomaly-detection
Created 2022-04-08
65 commits to main branch, last one about a year ago