DEteCtion of Anomalous outbouNd HTTP TRaffic by Passive Application Fingerprinting -- fork of original scientific paper code
Updated Jul 8, 2020 - Python
This repository has customised scripts of Zeek IDS.
DoveHawk.io Anonymized Outgoing Partial Netflow
Zeek IDS and Zeek-Broker Docker images
🐦 A fluentd config for zeek
Deployment of Zeek on a Raspberry Pi 4B
A log parser for common zeek text logs in Golang.
Templates for writing applications using Zeek NSM communication library Broker
Alpine Linux based Filebeat Docker Image
An operator which calls zeek to nix-ecosystem simply.
A Zeek script to generate features based on timing, volume and metadata for traffic classification.
A completely automated anomaly detector for Zeek network flow files (conn.log).
Zeek IDS Dockerfile
Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
Zeek-Formatted Threat Intelligence Feeds