
zeek / Zeek

Licence: BSD (see the License section below)
Zeek is a powerful network analysis framework that is quite different from the typical IDS you may know.


Projects that are alternatives of or similar to Zeek

zeek-docs
Documentation for Zeek
Stars: ✭ 41 (-99.02%)
Mutual labels:  pcap, dfir, bro, network-monitoring, nsm, zeek
Zeek-Network-Security-Monitor
A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
Stars: ✭ 38 (-99.09%)
Mutual labels:  pcap, bro, network-monitoring, zeek
Arkime
Arkime (formerly Moloch) is an open source, large scale, full packet capturing, indexing, and database system.
Stars: ✭ 4,994 (+19.47%)
Mutual labels:  network-monitoring, pcap, nsm
Ivre
Network recon framework, published by @cea-sec & @ANSSI-FR. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
Stars: ✭ 2,331 (-44.23%)
Mutual labels:  network-monitoring, bro, zeek
ivre
Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
Stars: ✭ 2,712 (-35.12%)
Mutual labels:  bro, network-monitoring, zeek
Suricata
Suricata git repository maintained by the OISF
Stars: ✭ 2,274 (-45.6%)
Mutual labels:  network-monitoring, nsm
Nfstream
NFStream: a Flexible Network Data Analysis Framework.
Stars: ✭ 622 (-85.12%)
Mutual labels:  network-monitoring, pcap
awesome-bro
Useful resources for Zeek (https://zeek.org/), formerly Bro (http://bro.org/)
Stars: ✭ 31 (-99.26%)
Mutual labels:  bro, nsm
NetworkAlarm
A tool to monitor local network traffic for possible security vulnerabilities. Warns user against possible nmap scans, Nikto scans, credentials sent in-the-clear, and shellshock attacks. Currently supports live monitoring and network capture (pcap) scanning.
Stars: ✭ 17 (-99.59%)
Mutual labels:  pcap, network-monitoring
MegaDev
Bro IDS + ELK Stack to detect and block data exfiltration
Stars: ✭ 46 (-98.9%)
Mutual labels:  bro, zeek
network-tools
Network Tools
Stars: ✭ 27 (-99.35%)
Mutual labels:  pcap, network-monitoring
Passer
Passive service locator, a python sniffer that identifies servers, clients, names and much more
Stars: ✭ 144 (-96.56%)
Mutual labels:  network-monitoring, pcap
Packages
The default package source of the Zeek Package Manager
Stars: ✭ 94 (-97.75%)
Mutual labels:  network-monitoring, pcap
docker-zeek
Zeek IDS Dockerfile
Stars: ✭ 82 (-98.04%)
Mutual labels:  network-monitoring, zeek
graylog-zeek-content-pack
BRO/Zeek IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog tcp input to capture and index BRO/Zeek logs coming from a remote sensor.
Stars: ✭ 18 (-99.57%)
Mutual labels:  bro, zeek
brimcap
Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
Stars: ✭ 22 (-99.47%)
Mutual labels:  pcap, zeek
Malcom
Malcom - Malware Communications Analyzer
Stars: ✭ 988 (-76.36%)
Mutual labels:  pcap, dfir
flow-indexer
Flow-Indexer indexes flows found in chunked log files from bro, nfdump, syslog, or pcap files
Stars: ✭ 43 (-98.97%)
Mutual labels:  pcap, bro
Poseidon
Poseidon is a python-based application that leverages software defined networks (SDN) to acquire and then feed network traffic to a number of machine learning techniques. The machine learning algorithms classify and predict the type of device.
Stars: ✭ 310 (-92.58%)
Mutual labels:  network-monitoring, pcap
Security Onion
Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
Stars: ✭ 2,956 (-29.28%)
Mutual labels:  dfir, nsm


The Zeek Network Security Monitor

A powerful framework for network traffic analysis and security monitoring.


Follow us on Twitter at @zeekurity.


Key Features

  • In-depth Analysis: Zeek ships with analyzers for many protocols, enabling high-level semantic analysis at the application layer.

  • Adaptable and Flexible: Zeek's domain-specific scripting language enables site-specific monitoring policies and means that it is not restricted to any particular detection approach.

  • Efficient: Zeek targets high-performance networks and is used operationally at a variety of large sites.

  • Highly Stateful: Zeek keeps extensive application-layer state about the network it monitors and provides a high-level archive of a network's activity.

Getting Started

The best place to find information about getting started with Zeek is our web site www.zeek.org, specifically the documentation section there. On the web site you can also find downloads for stable releases, tutorials on getting Zeek set up, and many other useful resources.

You can find release notes in NEWS, and a complete record of all changes in CHANGES.

To work with the most recent code from the development branch of Zeek, clone the master git repository:

git clone --recursive https://github.com/zeek/zeek

With all dependencies in place, build and install:

./configure && make && sudo make install

Write your first Zeek script:

# File "hello.zeek"

event zeek_init()
    {
    print "Hello World!";
    }

And run it:

zeek hello.zeek

For learning more about the Zeek scripting language, try.zeek.org is a great resource.
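A fuller example of what a site-specific policy looks like, added here as an illustration and not taken from Zeek's README or from the scripts Zeek ships: it hooks the HTTP analyzer's header event, looks for HTTP Basic credentials, and raises a notice through Zeek's notice framework. The file name (cleartext-auth.zeek), the module name and the Notice::Type name are my choices; the events, functions and Notice::Info fields used are Zeek's own.

```zeek
##! Raise a notice when an HTTP client sends HTTP Basic credentials over an
##! unencrypted connection. Added example; not part of Zeek's README.

@load base/frameworks/notice
@load base/protocols/http

module CleartextAuth;

export {
    redef enum Notice::Type += {
        ## An "Authorization: Basic" header was observed on a plain-HTTP
        ## connection, so the credentials crossed the wire unencrypted.
        Basic_Auth_Cleartext
    };
}

# Zeek's HTTP analyzer only parses unencrypted HTTP (HTTPS is handled by the
# SSL analyzer), so any Authorization header seen here was sent in the clear.
event http_all_headers(c: connection, is_orig: bool, hlist: mime_header_list)
    {
    # Only the client (originator) sends credentials.
    if ( ! is_orig )
        return;

    for ( i in hlist )
        {
        local h = hlist[i];

        # Zeek normalises header names to upper case.
        if ( h$name != "AUTHORIZATION" )
            next;

        if ( /^basic[ \t]+/ !in to_lower(h$value) )
            next;

        # Strip the scheme, base64-decode "user:password" and keep only the
        # user name: the password itself must never end up in notice.log.
        local b64 = sub(h$value, /^[Bb][Aa][Ss][Ii][Cc][ \t]+/, "");
        local user = split_string1(decode_base64(b64), /:/)[0];

        NOTICE([$note=Basic_Auth_Cleartext,
                $msg=fmt("HTTP Basic credentials for user '%s' sent in cleartext to %s:%s",
                         user, c$id$resp_h, c$id$resp_p),
                $sub=user,
                $conn=c,
                # Collapse repeats: one notice per (client, server, user) per hour.
                $identifier=cat(c$id$orig_h, c$id$resp_h, c$id$resp_p, user),
                $suppress_for=1hr]);
        }
    }
```

Run it against a capture with zeek -r capture.pcap cleartext-auth.zeek (or on a live interface with -i) and look for Basic_Auth_Cleartext entries in notice.log. Zeek's base HTTP scripts already record the Basic-auth user name in http.log's username field; what this script adds is an alert with suppression, which is the usual division of labour between Zeek's logs and its notices.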

Development

Zeek is developed on GitHub by its community. We welcome contributions. Working on an open source project like Zeek can be an incredibly rewarding experience and, packet by packet, makes the Internet a little safer. Today, as a result of countless contributions, Zeek is used operationally around the world by major companies and educational and scientific institutions alike for securing their cyber infrastructure.

If you're interested in getting involved, we collect feature requests and issues on GitHub, and you might find these to be a good place to get started. More information on Zeek's development, and on its community and mailing lists (which are fairly active), can be found on the project web site, www.zeek.org.

License

Zeek comes with a BSD license, allowing for free use with virtually no restrictions.
