smbfp

By micrictor

A package to create a fingerprint of SMB clients

smtp-url-analysis

By initconf

Suite of smtp related policies includes extracting and logging URLs from emails and various smtp anomaly detection heuristics to help flag phishing emails

spicy-analyzers

By zeek

spicy-dhcp

By zeek

Spicy-based analyzer for the DHCP protocol.

spicy-dns

By zeek

Spicy-based analyzer for the DNS protocol.

spicy-http

By zeek

Spicy-based analyzer for the HTTP protocol.

spicy-ldap

By zeek

An LDAP analyzer based on Spicy

spicy-pe

By zeek

Spicy-based analyzer for the Portable Executable (PE) image format

spicy-plugin

By zeek

spicy-png

By zeek

Spicy-based analyzer for the PNG file format.

spicy-tftp

By zeek

Spicy-based analyzer for the TFTP protocol.

spicy-zip

By zeek

Spicy-based analyzer for the ZIP file format.

spl-spt

By micrictor

A package that creates a log for sequences of packet lengths and times, allowing for new analytics based on these data features.

ssl-extensions

By anthonykasza

A proof-of-concept demonstrating scriptland parsing and event routing for all SSL extensions

ssn-exposure

By sethhall

Detect US Social Security numbers in HTTP and SMTP with Bro.

suppress-ssl-notices

By chrisanag1985

A Module that tries to minimize the noise from the SSL::Invalid_Server_Cert notices.

tcprs

By jswaro

TCP Retransmission and State Analyzer plugin for Bro.

top-dns

By corelight

Log the top DNS queries being requested.

uap-bro

By vitalyrepin

User Agent Parser - Bro implementation based on uap-core

unknown-mime-type-discovery

By sethhall

Help Zeek by finding unidentified file types.