bro-ids
There are 25 repositories under bro-ids topic.
activecm/rita
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
blacktop/docker-bro
Bro IDS Dockerfile
alphasoc/nfr
A lightweight tool to score network traffic and flag anomalies
tylabs/dovehawk
Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
binorassocies/brostash
brostash: Linux distribution based on Debian and focusing on network security events collection
clong/vagrant-ids
An Ubuntu 16.04 build containing Suricata, PulledPork, Bro, and Splunk
andrewbeard/broworkshop
Materials for the BSides NoVA/Charleston 2018 Bro Workshop
0snap/zeek-cluster
Docker based Zeek IDS worker cluster
al0ne/Bro-ELK
Output Bro logs to ELK
ahmadjd94/Bro-ID-Log-Analyzer
BILA: BRO IDS Logs Analyzer
adi928/brocata
Porting Suricata to Bro signatures
binorassocies/brostash-pipeline
Brostash Logstash pipeline
elnappo/bro-log-parser
Simple logfile parser for Bro IDS
mellow-hype/c2finder
Look for un-sinkholed C&C IPs in your Bro logs (from Bambenek Consulting C&C master list)
binorassocies/bro-scripts
Bro IDS useful scripts
malice-plugins/bro
Malice Bro Plugin
u439/Bro-Elk
Integration of Bro-IDS and ELK stack
picatz/fluentd-zeek-conf
🐦 A fluentd config for zeek
treussart/ProbeManager_Bro
Module Bro NIDS for Probe Manager
esnet/zeek_perfsonar_owamp
OWAMP protocol analyzer plugin for Bro/Zeek
MikelMoreno/ParseZeekLogs
Utility for parsing Bro log files into CSV or JSON format
alexisfacques/buildroot-bro
Patches for cross-compiling Bro IDS with Buildroot.
jodevsa/BroJS
A Bro client library for NodeJS
jodevsa/BroRest
RESTful API for Bro IDS
mellow-hype/dockerized-elk
ELK stack with docker-compose