Zeek-Formatted Threat Intelligence Feeds
Updated May 15, 2024 - Zeek
Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
Extract files from network traffic with Zeek.
Zeek IDS Dockerfile
A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network, in addition to all of the necessary hardware and setup, and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
A Zeek script to generate features based on timing, volume and metadata for traffic classification.
Zeek network security monitor plugin that enables parsing of the Ethernet/IP and Common Industrial Protocol standards
Zeek network security monitor plugin that enables parsing of the S7 protocol
Zeek network security monitor plugin that enables parsing of the BACnet standard building controls protocol
A Spicy protocol analyzer for WireGuard
Zeek network security monitor plugin that enables parsing of the Tabular Data Stream (TDS) protocol
A Zeek ELF File Analyzer
A Zeek JPEG File Analyzer
DoveHawk Passive DNS Collector Module for Zeek
Zeek Package that extracts features from IRC communication