Packages

spicy-dhcp

By zeek

Spicy-based analyzer for the DHCP protocol.

spicy-dns

By zeek

Spicy-based analyzer for the DNS protocol.

spicy-http

By zeek

Spicy-based analyzer for the HTTP protocol.

spicy-ldap

By zeek

An LDAP analyzer based on Spicy

spicy-pe

By zeek

Spicy-based analyzer for the Portable Executable (PE) image format

spicy-png

By zeek

Spicy-based analyzer for the PNG file format.

spicy-tftp

By zeek

Spicy-based analyzer for the TFTP protocol.

spicy-zip

By zeek

TODO: A more detailed description of Archive. It can span multiple lines, with this indention.

spl-spt

By micrictor

A package that creates a log for sequences of packet lengths and times, allowing for new analytics based on these data features.

ssn-exposure

By sethhall

Detect US Social Security numbers in HTTP and SMTP.

tcprs

By jswaro

TCP Retransmission and State Analyzer plugin for Bro.

top-dns

By corelight

Log the top DNS queries being requested.

uap-bro

By vitalyrepin

User Agent Parser - Bro implementation based on uap-core

unknown-mime-type-discovery

By sethhall

Help Zeek by finding unidentified file types.

variation_coefficient

By thibaultbl

Implementing coefficient of variation (standard deviation / average), sort of relative standard deviation.

venom

By dopheide

Attempts to detect an attacker calling to the VENOM Linux Rootkit https://security.web.cern.ch/security/venom.shtml

vnc-scanner

By initconf

Simple policy to detect VNC (RFB) scanners based on src->dst connection counts

Page 7 of 11, showing 20 record(s) out of 201 total