This blog is a brief story of a few points that occurred to me during the less than 24 hours it took to turn around this package from dev to testing.
In this post I am going to walk you through the process I used to develop a package called “my_stats” that pulls memory information from a running...
To assist in detecting Zerologon (CVE-2020-1472), we’ve open sourced a Zeek package that detects both attempted and successful exploits.
We’ve just open sourced a Zeek package that detects exploit attempts and successes. This package demonstrates a couple of aspects that are worth...
Today we are open sourcing a Zeek package that passively detects the presence of some of the tell-tale signs that Treck devices can exhibit.
In this post, we’ll explore DNS over TLS (DoT) and DNS over HTTPS (DoH). Before examining DoT and DoH, it’s important to take a quick look at DNS...
Find a technical description of the bug, how it can be detected in network traffic, and how a short Zeek script can detect vulnerable servers.
By allowing the attacker to essentially force a connection to an arbitrary URL, CallStranger can be used in these three key ways.
Open source Zeek is capable of analyzing RDP connections and does a fantastic job handling the many options and configurations the RDP protocol...