Zeek-Formatted Threat Intelligence Feeds
Updated Oct 12, 2024 - Zeek
Zeek IDS Dockerfile
A completely automated anomaly detector for Zeek network flow files (conn.log).
Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
A Zeek script to generate features based on timing, volume and metadata for traffic classification.
Alpine Linux based Filebeat Docker Image
An operator which calls zeek to nix-ecosystem simply.
DoveHawk.io Anonymized Outgoing Partial Netflow
🐦 A fluentd config for zeek
DEteCtion of Anomalous outbouNd HTTP TRaffic by Passive Application Fingerprinting -- fork of original scientific paper code
Deployment of Zeek on a Raspberry Pi 4B
Zeek IDS and Zeek-Broker Docker images
Templates for writing applications using Zeek NSM communication library Broker
This repository has customised scripts for Zeek IDS.
A log parser for common zeek text logs in Golang.