Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science

Run zeek with zeekctl in docker

A curated toolkit and knowledge base for SIEM using Elasticsearch, Kibana, and Zeek. Dive into log analysis, anomaly detection, for SOC and SIEM practices.

A Zeek log writer plugin that publishes to Kafka.

Corelight@Home (Raspberry Pi) in a docker container

This project is a SIEM with SIRP and Threat Intel, all in one.

Scripts written in BASH, PowerShell, Python, and other languages.

Use tcpreplay to slowly feed arbitrary pcaps to Zeek via dummy0 NIC. Impress your friends.

Spicy-based IGMP packet analyzer for Zeek

Zeek Vulnerabilitie Scanner

This system is a combination of 3 open-source tools that include Zeek for Intrusion Detection System (IDS), StratosphereIPS for the machine learning Process, and ELK Stack for log management and SIEM.

A simple Bash script made for transform Zeek logs into a csv format

A dockerized demo for illustrating how Confluent can be used in a SIEM Modernization use case.

Cyber threat detection and analysis platform

Alpine Linux based Filebeat Docker Image

get up and running with Zeek in no time!