Zeek-Formatted Threat Intelligence Feeds
Updated Jun 13, 2024 - Zeek
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors in the network traffic. Stratosphere Laboratory, AIC, FEL, CVUT in Prague.
Open source security data pipelines.
Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
Logging Made Easy (LME) is a no-cost and open logging and protective monitoring solution serving all organizations.
Language server for Zeek script
Repository for configuration files, scripts, code, and other information on the Watchtower Stack
Terraform for Corelight's Sensor Configuration.
Terraform for Corelight's GCP Cloud Enrichment.
Terraform for Corelight's AWS Cloud Enrichment.
Terraform for Corelight's Azure Cloud Enrichment.
Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science