A Zeek package that generates schemas for your log files.

✨ Magical shell history

Elastic version of SOC prime watcher rules

The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.

Growing collection of Spicy-based protocol and file analyzers for Zeek

Steve McCanne's Sharkfest '21 Talk

Cloud-native SIEM for intelligent security analytics for your entire enterprise.

Please no pull requests for this repository. Thanks!

Because sometimes you need to do it live

A python package to indent Zeek scripts per the Whitesmiths coding style.

A set of Zeek scripts to detect ATT&CK techniques.

Kafka connector to sync Zed lakes to and from Kafka topics

A Zeek plugin to POST logs over HTTP.

The AWS Provider enables Terraform to manage AWS resources.

Cyber Analytics Repository

Docker image with files for IEC-104 parser

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.

Bro IDS programs collection.

Bro analyzer that detects Google's QUIC protocol

🔧 .files, including ~/.macos — sensible hacker defaults for macOS

Ready to run scripts for network analysis

JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.

A batch script to demonstrate complex Microsoft Office deployments

A deblocking JPEG decoder

An OAuth2 library for Google Apps Script.

Serverless Golang deploy tool and framework for AWS Lambda

A high-performance 100% compatible drop-in replacement of "encoding/json"

Retryable, failure tolerant, and adaptive Golang HTTP client transports

Autocode CLI and standard library tooling