Packages
By esnet
Prometheus exporter for Zeek performance data
By corelight
This plugin adds support for shell-style glob
patterns when loading Zeek scripts. For example, saying
"@load startup.d/*.zeek" will load any Zeek scripts
with a .zeek suffix from the startup.d folder.
By corelight
A Zeek based Gozi malware detector.
By precurse
Checks for HTTP anomalies typically used in attacks.
By justinazoff
A broctl plugin that enables jemalloc profiling
By dopheide
Detects exploit attempts against HP JetDirect printers.
By corelight
This package provides some basic analysis for JPEG files.
By seisollc
A Zeek log writer plugin that publishes to Kafka.
By dopheide
This script expands the base known-hosts policy to include reverse DNS queries and syncs it across all workers.
By dopheide
This script provides the ability to monitor and throw notices for outbound connections to a list of watched countries. It also adds orig and resp country codes to conn.log. It depends on having libmaxmind configured for GeoIP lookups.
By esnet-security
This script expands the base known-services policy to include an is_local_orig flag that indicates whether the service was discovered from non-local nets (is_local_orig=F) or from local nets (is_local_orig=T).
By reshadp
Add MAC address to all logs.
By sethhall
Add all HTTP headers and values to the HTTP log.
By corelight
Find and log long-lived connections into a "conn_long" log.
By corelight
This package provides some basic analysis for Mach-O files.
By zeek
Additional hashing functions for Zeek, started with MurmurHash3.
By zeek
Packet source plugin that provides native Netmap support.
Page 10 of 13, showing 20 record(s) out of 256 total