Packages

bro-large_uploads

By theflakes

Raise notices on outgoing files over X bytes in size. Also raise notices for multiple large outgoing Tx's in Y time frame.

bro-lognorm

By j-gras

This plugin provides liblognorm integration for Zeek.

bro-mongodb

By activecm

Bro IDS/MongoDB connector.

bro-myricom

By sethhall

Packet source plugin that provides native Myricom SNF v3+v4 support.

bro-napatech

By hosom

Packet source plugin that provides native support for NTAPI

bro-oui

By hosom

Add OUI lookup to Bro.

bro-pf_ring

By ntop

Packet source plugin that provides native PF_RING support.

bro-quic

By dopheide

Attempt to identify QUIC protocol

bro-rita

By activecm

RITA, Bro IDS connector.

bro-shellshock

By corelight

Discover successful ShellShock attacks.

bro-simple-scan

By ncsa

Simple, high-performance TCP scan detection

bro-sysmon

By salesforce

Zeek-Sysmon contains a Python script that will read in a file, parse JSON Windows Event Logs, generate Zeek events, and forward them to Zeek. Default Zeek-Sysmon scripts log output to files.

bro-xdp_packet-plugin

By irtimmer

This plugin provides native AF_XDP support for Bro.

bro-zeromq-writer

By ncsa

ZeroMQ log writer.

bzar

By mitre-attack

BZAR - Bro/Zeek ATT&CK-based Analytics and Reporting.

conn-burst

By corelight

Identify bursty connections (large and fast)

credit-card-exposure

By sethhall

Detect credit card numbers in HTTP and SMTP with Bro.

cve-2020-0601-plugin

By 0xxon

Test script for CVE-2020-0601. Binary package, requires OpenSSL 1.1.x

cve-2020-16898

By esnet-security

Detects CVE-2020-16898: "Bad Neighbor"

CVE-2021-42292

By corelight

A package to detect CVE-2021-42292, a Microsoft Excel privilege exploit.
