Packages
By zeek
Spicy-based analyzer for the DHCP protocol.
By zeek
Spicy-based analyzer for the DNS protocol.
By zeek
Spicy-based analyzer for the HTTP protocol.
By zeek
Spicy-based analyzer for the LDAP protocol.
By zeek
Spicy-based analyzer for the Portable Executable (PE) image format
By zeek
Spicy-based analyzer for the PNG file format.
By zeek
Spicy-based analyzer for the TFTP protocol.
By zeek
Spicy-based analyzer for the ZIP file format.
By micrictor
A package that creates a log for sequences of packet lengths and times,
allowing for new analytics based on these data features.
By sethhall
Detect US Social Security numbers in HTTP and SMTP with Bro.
By chrisanag1985
A module that tries to minimize the noise from the SSL::Invalid_Server_Cert notices.
By jswaro
TCP Retransmission and State Analyzer plugin for Bro.
By corelight
Log the top DNS queries being requested.
By vitalyrepin
User Agent Parser - Bro implementation based on uap-core
By sethhall
Help Zeek by finding unidentified file types.
By thibaultbl
Implements the coefficient of variation (standard deviation / average), a kind of relative standard deviation.
By dopheide
Attempts to detect an attacker calling to the VENOM Linux Rootkit. See https://security.web.cern.ch/security/venom.shtml
By initconf
Simple policy to detect VNC (RFB) scanners based on src->dst connection counts.
By jbaggs
This script adds a new Intel::WILDCARD_DOMAIN type that matches on the base domain name, regardless of what subdomain may be prepended to it.