Skip to content

Navigation Menu

corelight

Explore
For
- Enterprise
- Teams
- Startups
- Education
By Solution
Resources
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
Pricing

Search code, repositories, users, issues, pull requests...

Search

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

Corelight, Inc.

Corelight is the most powerful network visibility solution for information security professionals, founded by the creators of open-source Zeek.

131 followers
San Francisco, CA
http://www.corelight.com
info@corelight.com

Overview
Repositories
Projects
Packages
People

More

Overview
Repositories
Projects
Packages
People

Popular repositories

zeek-cheatsheets zeek-cheatsheets Public

Zeek Log Cheatsheets

278 43
community-id-spec community-id-spec Public

An open standard for hashing network flows into identifiers, a.k.a "Community IDs".

Python 163 25
threat-hunting-guide threat-hunting-guide Public

39 11
raspi-corelight raspi-corelight Public

Corelight@Home script

Shell 36 5
ripple20 ripple20 Public

A Zeek package for the passive detection of "Ripple20" vulnerabilities in the Treck TCP/IP stack.

Zeek 34 7
ecs-mapping ecs-mapping Public

Mapping Corelight or Zeek data to Elastic Common Schema fields

33 16

Repositories

Type

Select type

All Public Sources Forks Archived Mirrors Templates

Language

Select language

All Bro C C++ CMake Dockerfile Go HTML JavaScript Jinja LookML Perl Python Ruby Rust Shell Standard ML Zeek

Sort

Select order

Last updated Name Stars

Showing 10 of 129 repositories

ExtendIntel Public
This package extends the Intel package to log more fields

Zeek 0 0 0 0 Updated Apr 25, 2024
Zeek-Endpoint-Enrichment Public

Zeek 0 1 0 0 Updated Apr 25, 2024
icannTLD Public
Zeek script using the official ICANN Top-Level Domain (TLD) list with the Input Framework to extract the relevant information from a DNS query and mark whether it's trusted or not. The source of the ICANN TLD's can be found here: https://publicsuffix.org/list/effective_tld_names.dat. The Trusted Domains list is a custom list, created by the user…

Zeek 4 6 0 0 Updated Apr 25, 2024
http-more-files-names Public
Add more filenames to files.log from HTTP requests

Zeek 2 BSD-3-Clause 0 0 0 Updated Apr 23, 2024
ecs-templates Public
Corelight or Zeek Elastic Common Schema Templates

Python 7 BSD-3-Clause 4 2 0 Updated Apr 19, 2024
ecs-logstash-mappings Public
Mapping Corelight or Zeek data to Elastic Common Schema logs

11 BSD-3-Clause 4 1 0 Updated Apr 19, 2024
ecs-mapping Public
Mapping Corelight or Zeek data to Elastic Common Schema fields

33 BSD-3-Clause 16 1 0 Updated Apr 19, 2024
json-tcp-lb Public
line based tcp load balancing proxy.

Go 13 BSD-3-Clause 3 1 1 Updated Apr 16, 2024
zeek-notice-telegram Public
Send Notices as messages over Telegram

Zeek 1 BSD-3-Clause 3 1 0 Updated Apr 15, 2024
suricata_exporter Public
A Prometheus Exporter for Suricata

Go 11 BSD-3-Clause 9 2 0 Updated Mar 20, 2024

View all repositories

People

Top languages

Zeek Python Dockerfile Shell Bro

Most used topics

zeek network-monitoring network-security network-analysis network-security-monitoring

Footer

© 2024 GitHub, Inc.

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.