Packages

conn-burst

By corelight

Identify bursty connections (large and fast)

credit-card-exposure

By sethhall

Detect credit card numbers in HTTP and SMTP with Bro.

CVE-2017-5638_struts

By initconf

package to detect CVE-2017-5638 struts attack

cve-2020-0601

By 0xxon

"Test script for CVE-2020-0601. Please read Readme."

cve-2020-0601-plugin

By 0xxon

"Test script for CVE-2020-0601. Binary package, requires OpenSSL 1.1.x"

cve-2020-13777

By 0xxon

"Test script for CVE-2020-13777. Please read Readme."

cve-2020-16898

By esnet-security

Detects CVE-2020-16898: "Bad Neighbor"

CVE-2020-16898

By corelight

A network detection package for CVE-2020-16898 (Windows TCP/IP Remote Code Execution Vulnerability) AKA BadNeighbor

CVE-2020-16898-Bad-Neighbor

By initconf

CVE-2020-16898: Bad Neighbor

CVE-2020-5902-F5BigIP

By corelight

A network detection package for CVE-2020-5902, a CVE10.0 vulnerability affecting F5 Networks, Inc BIG-IP devices.

CVE-2021-38647

By corelight

A Zeek package which detects CVE-2021-38647 (AKA OMIGOD) exploit attempts

CVE-2021-42292

By corelight

A package to detect CVE-2021-42292, a Microsoft Excel priviledge exploit.

cve-2021-44228

By corelight

A Zeek package which raises notices for RCE in Log4J (CVE-2021-44228).

cve-2022-21907

By corelight

A package to detect CVE-2022-21907

cve-2022-22954

By corelight

Detect CVE-2022-22954 attempts and exploits. Also logs what data was returned to the attacker.

CVE-2022-23270-PPTP

By corelight

A package to detect CVE-2022-23270.

CVE-2022-24491

By corelight

A CVE-2022-24491 detector.

CVE-2022-24497

By corelight

A CVE-2022-24497 detector.

cve-2022-26809

By corelight

CVE-2022-26809 is a DCE/RPC RCE exploit. This package detects both attempts and successful exploits.

CVE-2022-26937

By corelight

A Zeek package to detect CVE-2022-26937, a Windows NFS vulnerabilty.

Page 3 of 13, showing 20 record(s) out of 253 total