{"payload":{"pageCount":2,"repositories":[{"type":"Public","name":"log-add-http-post-bodies","owner":"corelight","isFork":false,"description":"Add POST body excerpt to Bro's HTTP log","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":14,"forksCount":10,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-05-15T17:44:29.474Z"}},{"type":"Public","name":"hassh","owner":"corelight","isFork":false,"description":"Fingerprint SSH clients and servers.","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":2,"forksCount":0,"license":"Other","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-05-09T06:39:48.905Z"}},{"type":"Public","name":"Zeek-Endpoint-Enrichment","owner":"corelight","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":1,"license":"Other","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-04-29T17:51:45.119Z"}},{"type":"Public","name":"ExtendIntel","owner":"corelight","isFork":false,"description":"This package extends the Intel package to log more fields","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":0,"license":"Other","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-05-03T19:26:12.824Z"}},{"type":"Public","name":"icannTLD","owner":"corelight","isFork":false,"description":"Zeek script using the official ICANN Top-Level Domain (TLD) list with the Input Framework to extract the relevant information from a DNS query and mark whether it's trusted or not. The source of the ICANN TLD's can be found here: <a href=\"https://publicsuffix.org/list/effective_tld_names.dat\" rel=\"nofollow\">https://publicsuffix.org/list/effective_tld_names.dat</a>. The Trusted Domains list is a custom list, created by the user…","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":4,"forksCount":6,"license":"Other","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-04-25T12:51:40.782Z"}},{"type":"Public","name":"http-more-files-names","owner":"corelight","isFork":false,"description":"Add more filenames to files.log from HTTP requests","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":2,"forksCount":0,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-04-23T20:23:39.781Z"}},{"type":"Public","name":"zeek-notice-telegram","owner":"corelight","isFork":false,"description":"Send Notices as messages over Telegram","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":1,"starsCount":1,"forksCount":3,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-04-15T21:34:41.648Z"}},{"type":"Public","name":"CVE-2021-38647-noimages","owner":"corelight","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":0,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-03-13T20:05:21.182Z"}},{"type":"Public","name":"PetitPotam-notest","owner":"corelight","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":0,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-03-13T20:03:08.624Z"}},{"type":"Public","name":"Zeek-CVE-Enrichment","owner":"corelight","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":1,"license":"Other","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-03-12T15:26:19.071Z"}},{"type":"Public","name":"Zeek-Endpoint-Enrichment-all","owner":"corelight","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":0,"license":"Other","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-03-12T14:10:54.018Z"}},{"type":"Public","name":"Zeek-Endpoint-Enrichment-conn","owner":"corelight","isFork":false,"description":"Enrich the conn.log with EDR data","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":0,"license":"Other","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-03-12T14:09:49.404Z"}},{"type":"Public","name":"cve-2021-44228","owner":"corelight","isFork":false,"description":"Log4j Exploit Detection Logic for Zeek","allTopics":["zeek","cve-2021-44228"],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":1,"issueCount":10,"starsCount":18,"forksCount":8,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-05-04T18:38:58.189Z"}},{"type":"Public","name":"zeek-elf","owner":"corelight","isFork":false,"description":"A Zeek ELF File Analyzer","allTopics":["network-monitoring","network-analysis","network-security","zeek"],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":11,"forksCount":7,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-01-23T15:40:06.742Z"}},{"type":"Public","name":"detect-ransomware-filenames","owner":"corelight","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":17,"forksCount":10,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-01-04T16:02:42.183Z"}},{"type":"Public","name":"zeek-gozi-detector","owner":"corelight","isFork":false,"description":"A Zeek based Gozi banking malware detector.","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":1,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-12-07T15:12:38.336Z"}},{"type":"Public","name":"json-streaming-logs","owner":"corelight","isFork":false,"description":"Bro script package to create JSON formatted logs to stream into data analysis systems.","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":2,"starsCount":27,"forksCount":11,"license":"BSD 2-Clause \"Simplified\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-11-28T22:23:32.259Z"}},{"type":"Public","name":"zeek-spicy-ipsec","owner":"corelight","isFork":false,"description":"A Zeek IPSec protocol analyzer based on Spicy.","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":6,"forksCount":5,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-10-27T15:57:45.842Z"}},{"type":"Public","name":"zeek-spicy-stun","owner":"corelight","isFork":false,"description":"A Zeek STUN protocol analyzer based on Spicy.","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":3,"starsCount":4,"forksCount":2,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-10-20T19:18:29.163Z"}},{"type":"Public","name":"zeek-spicy-wireguard","owner":"corelight","isFork":false,"description":"A Zeek Wireguard protocol analyzer based on Spicy.","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":4,"forksCount":2,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-09-26T13:26:52.435Z"}},{"type":"Public","name":"zeek-spicy-openvpn","owner":"corelight","isFork":false,"description":"A Zeek OpenVPN protocol analyzer, based on Spicy.","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":8,"forksCount":2,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-09-26T13:21:12.747Z"}},{"type":"Public","name":"zeek-community-id","owner":"corelight","isFork":false,"description":"Zeek support for Community ID flow hashing.","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":2,"starsCount":32,"forksCount":18,"license":"Other","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-07-11T19:21:34.029Z"}},{"type":"Public","name":"CVE-2022-30216","owner":"corelight","isFork":false,"description":"Zeek detection logic for CVE-2022-30216.","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":1,"forksCount":5,"license":"Other","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-04-04T20:11:10.427Z"}},{"type":"Public","name":"CVE-2022-24491","owner":"corelight","isFork":false,"description":"A Zeek CVE-2022-24491 detector.","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":3,"forksCount":0,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-03-27T15:20:04.646Z"}},{"type":"Public","name":"zeek-spicy-ospf","owner":"corelight","isFork":false,"description":"A Zeek OSPF packet analyzer based on Spicy.","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":7,"forksCount":2,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-03-13T21:02:52.522Z"}},{"type":"Public","name":"CVE-2022-3602","owner":"corelight","isFork":false,"description":"Detects attempts at exploitation of CVE-2022-3602, a remote code execution vulnerability in OpenSSL v 3.0.0 through v.3.0.6 ","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":4,"forksCount":1,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2022-11-24T05:17:49.672Z"}},{"type":"Public","name":"callstranger-detector","owner":"corelight","isFork":false,"description":"Zeek Plugin that detects CallStranger (CVE-2020-12695) attempts (<a href=\"http://callstranger.com/\" rel=\"nofollow\">http://callstranger.com/</a>)","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":6,"forksCount":6,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2022-10-27T18:13:09.436Z"}},{"type":"Public","name":"cve-2022-22954","owner":"corelight","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":1,"forksCount":1,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2022-09-16T16:09:25.905Z"}},{"type":"Public","name":"log-add-vlan-everywhere","owner":"corelight","isFork":false,"description":"Add VLAN tags to all Zeek logs","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":6,"forksCount":9,"license":"BSD 2-Clause \"Simplified\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2022-07-29T15:07:23.904Z"}},{"type":"Public","name":"ripple20","owner":"corelight","isFork":false,"description":"A Zeek package for the passive detection of \"Ripple20\" vulnerabilities in the Treck TCP/IP stack.","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":1,"issueCount":1,"starsCount":34,"forksCount":7,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2022-06-29T20:07:18.755Z"}}],"repositoryCount":60,"userInfo":null,"searchable":true,"definitions":[],"typeFilters":[{"id":"all","text":"All"},{"id":"public","text":"Public"},{"id":"source","text":"Sources"},{"id":"fork","text":"Forks"},{"id":"archived","text":"Archived"},{"id":"template","text":"Templates"}],"compactMode":false},"title":"Repositories"}