Packages
By precurse
Checks for HTTP anomalies typically used in attacks.
By justinazoff
A broctl plugin that enables jemalloc profiling
By dopheide
Detect exploit attempts against HP JetDirect printers.
By corelight
This package provides some basic analysis for JPEG files.
By seisollc
A Zeek log writer plugin that publishes to Kafka.
By dopheide
This script expands the base known-hosts policy to include reverse DNS queries and syncs it across all workers.
By dopheide
This script provides the ability to monitor and throw notices for outbound connections to a list of watched countries. It also adds orig and resp country codes to conn.log. It depends on having libmaxmind configured for GeoIP lookups.
By esnet-security
This script expands the base known-services policy to include an is_local_orig flag indicating whether the service was discovered from non-local nets (is_local_orig=F) or from local nets (is_local_orig=T).
By reshadp
Add MAC address to all logs.
By sethhall
Add all HTTP headers and values to the HTTP log.
By corelight
Find and log long-lived connections into a "conn_long" log.
By corelight
This package provides some basic analysis for Mach-O files.
By zeek
Additional hashing functions for Zeek, started with MurmurHash3.
By zeek
Packet source plugin that provides native Netmap support.
By 0xxon
Perform regular network measurements and report results.
By rvictory
Monitors for new domains being queried and raises a notice for them.