Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
Bro IDS Dockerfile
A lightweight tool to score network traffic and flag anomalies
Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
brostash: Linux distribution based on Debian and focusing on network security events collection
An Ubuntu 16.04 build containing Suricata, PulledPork, Bro, and Splunk
Materials for the BSides NoVA/Charleston 2018 Bro Workshop
Docker based Zeek IDS worker cluster
Look for un-sinkholed C&C IPs in your Bro logs (from the Bambenek Consulting C&C master list)
Integration of Bro-IDS and ELK stack