Packages
By jbaggs
A module for tracking and correlating abnormal DNS behavior. Detection of tunneling and C&C through connection duration and volume, request and answer size, DNS request type, and unique queries per domain. Statistical classification of fast flux networks based on A records and ASNs.
By stevesmoot
Leverage nDPI and other info to make informed guess at the application for a connection.
By sethhall
Packet source plugin that provides native Myricom SNF v3+v4 support.
By sethhall
Detect credit card numbers in HTTP and SMTP with Bro.
By sethhall
A library for getting the "effective tld" of a domain name.
By j-gras
Additional seen-triggers for Zeek's intelligence framework.
By sethhall
Detect US Social Security numbers in HTTP and SMTP with Bro.
By corelight
Log the top DNS queries being requested.
By sethhall
Help Zeek by finding unidentified file types.
By sethhall
Add all HTTP headers and values to the HTTP log.
By rvictory
Monitors for new domains being queried for and raises a notice for them
Page 1 of 1, showing 11 record(s) out of 11 total