We're committed to providing users with access to the richest stream of network detection and response data possible. Discover parsers for new protocols, data analyzers, malware detectors, supporting documentation, and more, here.
Collections of scripts and plug-ins created for Corelight Sensors that detect malicious behaviors and expand on Zeek data.
Zeek Open Source Packages
- JPEG File Analyzer - Logs additional information about JPEG images
- ELF File Analyzer - Logs additional information about ELF-based executable files
- RedXOR C2 Detector - Detects RedXOR malware by looking for its command and control network traffic
- ZeroLogin Detector - Detects network traffic specific to the ZeroLogin vulnerabilities
Query a full list of all Zeek packages: