Packages

CVE-2020-16898

By corelight

A network detection package for CVE-2020-16898 (Windows TCP/IP Remote Code Execution Vulnerability) AKA BadNeighbor

cve-2020-16898

By esnet-security

Detects CVE-2020-16898: "Bad Neighbor"

logfilter

By esnet-security

Enables plugins to write fine-grained policy for log filtering, modification, and path customization.

zeek_scram

By esnet-security

Zeek script for interacting with the SCRAM client

zeek-ebury

By esnet-security

This script attempts to detect the Ebury ssh backdoor based on having base64 in the ssh client string.

Zeek-Known-Services-With-OrigFlag

By esnet-security

This script expands the base known-services policy to include is_local_orig flag to indicate if the service was discovered from non-local nets (is_local_orig =F) or from local nets (is_local_orig=T).

zeek-outbound-known-services-with-origflag

By esnet-security

This script expands the base known-services policy to include is_local_orig flag to indicate if an outbound service was discovered from non-local nets (is_local_orig =F) or from local nets (is_local_orig=T).

Page 1 of 1, showing 7 record(s) out of 7 total