Packages

zeek-open-connections

By activecm

Find and log open, long-lived connections into a "conn_long" log.

zeek-openvpn

By corelight

A Zeek OpenVPN Protocol Analyzer

zeek-quic

By corelight

Detects the Google QUIC (GQUIC) protocol and adds "gquic" to conn.log's "service" field.

zeek-spicy-facefish

By corelight

A Facefish rootkit detector, based on Spicy.

zeek-spicy-ipsec

By corelight

An IPSec Zeek protocol analyzer based on Spicy.

zeek-spicy-openvpn

By corelight

A Zeek OpenVPN protocol analyzer, based on Spicy.

zeek-spicy-ospf

By corelight

A Zeek OSPF packet analyzer, based on Spicy.

zeek-spicy-stun

By corelight

A Zeek STUN protocol analyzer based on Spicy.

zeek-spicy-wireguard

By corelight

A Wireguard VPN protocol analyzer, based on Spicy.

zeek-xor-exe-plugin

By corelight

A plugin to find Windows executables that have been XOR encoded.

zerologon

By corelight

Detects Zerologon (CVE-2020-1472) attempts and exploits.

ztest

By corelight

A Zeek Unit Testing Framework

Page 3 of 3, showing 12 record(s) out of 52 total