zeek

Star

Here are 175 public repositories matching this topic...

Language:All

Filter by language

All175 Zeek44 Python35 Shell17 C++12 Go8 HCL7 Jupyter Notebook6 Dockerfile5 Scala4 Jinja3

Sort:Most stars

Sort options

Most stars Fewest stars Most forks Fewest forks Recently updated Least recently updated

zeek /zeek

Star6.7k

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.

security pcap dfir bro network-monitoring nsm zeek

UpdatedMar 16, 2025
C++

Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, build your taylor-made EASM tool, collect and analyse network intelligence from your sensors, and much more! Uses Nmap, Masscan, Zeek, p0f, ProjectDiscovery tools, etc.

security osint network bro nmap scan-ports scans network-discovery hacktoberfest network-security zeek masscan nmap-parser nmap-scripts nmap-results-analyse easm network-recon projectdiscovery network-reconnaissance external-attack-surface-management

UpdatedMar 12, 2025
Python

cisagov /Malcolm

Star2.1k

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

security pcap cybersecurity suricata infosec network-security zeek opensearch network-traffic-analysis networksecurity arkime opensearch-dashboards networktrafficanalysis

UpdatedMar 11, 2025
Python

deepfence /PacketStreamer

Star1.9k

⭐ ⭐ Distributed tcpdump for cloud native environments ⭐ ⭐

pcap secops suricata packet-sniffer network-analysis soc hacktoberfest observability traffic-monitoring packet-capture zeek snort security-tools tcpdump-like infosectools forensics-tools

UpdatedJul 1, 2024
Go

cisagov /LME

Star977

Logging Made Easy (LME) is a no cost, open source platform that centralizes log collection, enhances threat detection, and enables real-time alerting, helping small to medium-sized organizations secure their infrastructure.

security elasticsearch log logging elk cybersecurity elastic network-analysis zeek elk-stack security-tools

UpdatedMar 13, 2025
Python

stratosphereips /StratosphereLinuxIPS

Star752

Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors in the network traffic. Stratosphere Laboratory, AIC, FEL, CVUT in Prague.

docker machine-learning pcap ai ids ips network-analysis network-security zeek intrusion-detection-system endpoint-protection intrusion-prevention-system stratosphere-ips gsoc-2023 gsoc-2024

UpdatedMar 17, 2025
Python

tenzir /tenzir

Sponsor

Star670

Tenzir is the data pipeline engine for security teams.

security netflow pcap incident-response pipelines dataops suricata siem sigma soc hacktoberfest zeek investigation threathunting secdataops

UpdatedMar 17, 2025
C++

SuperCowPowers /zat

Sponsor

Star435

Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark

python security kafka spark networking scikit-learn pandas bro data-analysis zeek zeek-analysis

UpdatedJan 16, 2024
Jupyter Notebook

V1D1AN /S1EM

Star428

This project is a SIEM with SIRP and Threat Intel, all in one.

docker elasticsearch kibana logstash filebeat malware suricata misp thehive cortex sigma yara zeek opencti mwdb n8n velociraptor arkime zircolite

UpdatedNov 20, 2024
Shell

idaholab /Malcolm

Star388

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

security pcap cybersecurity suricata infosec network-security zeek opensearch network-traffic-analysis networksecurity arkime opensearch-dashboards networktrafficanalysis