  • Stars 47
  • Rank 604,252 (Top 12 %)
  • Language Bro
  • Created almost 12 years ago
  • Updated almost 11 years ago

Repository Details

This is a script module for Bro that encapsulates and detects activity related to the Mandiant APT1 report.

More Repositories

1. bro-scripts
   Various Bro scripts
   Language: Bro, Stars: 38

2. zeek-junk-drawer
   Zeek Junk Drawer - Just some scripts and a place to put them
   Language: Zeek, Stars: 27

3. mailmate-keybindings
   My personal MailMate keybindings file
   Stars: 16

4. ssn-exposure
   Detect US Social Security Numbers with Zeek
   Language: Zeek, Stars: 16

5. credit-card-exposure
   Detect credit card exposures with Bro
   Language: Zeek, Stars: 15

6. bro-securityonion
   Bro Scripts for SecurityOnion
   Language: Bro, Stars: 14

7. domain-tld
   Zeek script library for getting the effective TLD of a domain.
   Language: Zeek, Stars: 13

8. bro-domain-generation
   Bro script module for detecting malware using domain generation algorithms.
   Language: Bro, Stars: 13

9. nsq-to-es
   NSQ to Elasticsearch transport utility.
   Language: Go, Stars: 12

10. bro.tmbundle
    Textmate bundle for Bro support
    Language: Python, Stars: 6

11. bro-bulkflows
    Bro scripts to filter out large and fast flows.
    Language: Bro, Stars: 6

12. intel-ext
    Extension for the Intel Framework in Bro 2.3 (deprecated by 2.5!)
    Language: Bro, Stars: 6

13. bro-myricom
    Bro plugin to receive packets through the Myricom Sniffer API
    Language: C++, Stars: 5

14. bro-dblogger
    Utility for logging data from the Bro Intrusion Detection System directly to PostgreSQL <- Deprecated! This project is only here for historical curiosity now.
    Language: C++, Stars: 4

15. zeek-log-all-http-headers
    Zeek package to log all HTTP headers and header values
    Language: Zeek, Stars: 4

16. brophant
    Phant.io support for Bro
    Language: Bro, Stars: 2

17. zeek-game-of-life
    Conway's Game of Life implemented in the Zeek scripting language
    Language: Zeek, Stars: 2

18. prometheus-grafana
    Prometheus and Grafana set up with Docker Compose
    Stars: 2

19. unknown-mime-type-discovery
    Zeek package for logging snippets of files without discovered mime types
    Language: Zeek, Stars: 2

20. personal-site
    My personal website.
    Language: Ruby, Stars: 1

21. microsoft
    Microsoft!
    Stars: 1

22. relog
    Module for Bro to reimport existing Bro logs and re-log them.
    Language: Bro, Stars: 1

23. bro-brainfuck
    A Brainfuck interpreter for Bro
    Language: Bro, Stars: 1

24. ldap-analyzer
    Bro analyzer for LDAP write operations
    Language: JavaScript, Stars: 1

25. bro-malwarehashregistry
    Integrate Bro with Team Cymru's Malware Hash Registry
    Language: Bro, Stars: 1

26. bro-approxidate
    Approxidate time plugin for Bro
    Language: C, Stars: 1