Packages

zeek-ntp-monlist

By dopheide

This script just replaces the old ntp-monlist script to work with Zeek 3.0.0+

zeek-plugin-bacnet

By amzn

Plugin that enables parsing of the BACnet standard building controls protocol

zeek-plugin-enip

By amzn

Plugin that enables parsing of the Ethernet/IP and Common Industrial Protocol standards

zeek-plugin-profinet

By amzn

Plugin that enables parsing of the Profinet protocol

zeek-plugin-roca

By 0xxon

Identify certificates potentially affected by CVE-2017-15361

zeek-plugin-s7comm

By amzn

Plugin that enables parsing of the S7 protocol

zeek-plugin-tds

By amzn

Plugin that enables parsing of the Tabular Data Stream (TDS) protocol

zeek-postgresql

By 0xxon

A PostgreSQL reader and writer for Bro.

zeek-print-log-info

By jsiwek

Gathers and prints field descriptions for all Zeek logs. The default output format is CSV files.

zeek-sniffpass

By cybera

Sniffpass will alert on cleartext passwords discovered in HTTP POST requests

zeek-ssh-interesting-hostnames-with-known

By dopheide

This script replaces the default ssh/interesting-hostnames and reduces the number of asyncrhonous when() calls made by Zeek.

zeek-sumstats-counttable

By 0xxon

Two-dimensional buckets for sumstats (count occurences per $str).

zeek-test-package

By jsiwek

An example Zeek package for testing purposes.

zeek-tls-log-alternative

By 0xxon

"This package generates a file called tls.log. The difference from ssl.log is that it is much more focused on logging all kinds of protocol features. This can be interesting for academic purposes - or if one is just interested in more information about specific features used in local TLS traffic."

zeek-vast

By tenzir

A package that enables Zeek to communicate with VAST

Page 6 of 6, showing 15 record(s) out of 115 total