- Berkeley, CA, near β
- https://www.icir.org/christian
- @ckreibich@mastodon.coffee
- https://verymanypixels.tumblr.com
Stars
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
Log per connection footprints for debugging
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
GNU/Linux/nix client for DroidCam
CVE-2021-38647 AKA "OMIGOD" vulnerability in Windows OMI
A Zeek package for the passive detection of "Ripple20" vulnerabilities in the Treck TCP/IP stack.
AI-Powered Photos App for the Decentralized Web
idaholab / Malcolm
Forked from cisagov/Malcolm
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
An open standard for hashing network flows into identifiers, a.k.a "Community IDs".
Zeek support for Community ID flow hashing.
A GitHub Action for testing and installing Zeek packages
A tool for exploring each layer in a docker image
pcapML standardizes network traffic analysis datasets by directly encoding metadata information into raw traffic captures
A Zeek log writer plugin that publishes to Kafka.
darktable is an open source photography workflow application and raw developer
Gather and print field descriptions for all Zeek logs.
PCAP next generation file format specification
Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark
Threat Bus - A threat intelligence dissemination layer for open-source security tools.
Expression Search is a Thunderbird addon that adds search features like Gmail
Reverse engineering of Validity/Synaptics 138a:0090, 138a:0094, 138a:0097, 06cb:0081, 06cb:009a fingerprint readers protocol