Identify bursty connections (large and fast)
Detect credit card numbers in HTTP and SMTP with Bro.
package to detect CVE-2017-5638 struts attack
"Test script for CVE-2020-0601. Please read Readme."
"Test script for CVE-2020-0601. Binary package, requires OpenSSL 1.1.x"
"Test script for CVE-2020-13777. Please read Readme."
A network detection package for CVE-2020-16898 (Windows TCP/IP Remote Code Execution Vulnerability) AKA BadNeighbor
CVE-2020-16898: Bad Neighbor
A network detection package for CVE-2020-5902, a CVE10.0 vulnerability affecting F5 Networks, Inc BIG-IP devices.
Watch SMB transactions for files whose filename matches patterns known to be used by ransomware
Find and notice DNS zone transfer attempts.
Detect DNS Tunnels attack.
A library for getting the "effective tld" of a domain name.
MISP+Zeek. Dovehawk is a Zeek Module to import MISP indicators to the Intel Framework and Signature Framework automatically. Reports sightings directly back to MISP as they happen. Supports Zeek Clusters.
Dovehawk.io Passive DNS Capture Module.
Dovehawk Anonymized Outbound Flow Tracking
Create dummy connection records.
Set your logs on fire with Emojifier!
Extract files from network traffic with Zeek.
Page 3 of 8, showing 20 record(s) out of 154 total