Zeek is an open-source network intrusion detection system and network traffic analyzer that uses a domain-specific scripting language. With Zeek you can detect suspicious signatures and anomalies and track DNS, HTTP, and FTP activity. The tool is capable of automatically downloading suspicious files it spots on the network, sending them for analysis, notifying relevant parties if anything is uncovered, blacklisting the source, and shutting down the device that downloaded it. In this path, you will learn how to use Zeek in your environment to detect intrusions and anomalies.
There is no claim that this package manager is better or more optimal than the others. The goal is to improve platforms or make things easier. I wrote this package manager for my daily tasks. My philosophy is that I try to write everything I need myself, and I wanted to make it available to others. Support and accompany us to make the conditions better for ourselves.
Maltrail is a malicious traffic detection system that uses publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists. A trail can be anything from a domain name (e.g. zvpprsensinaix.com for Banjori malware), a URL (e.g. hXXp://109.162.38.120/harsh02.exe for a known malicious executable), an IP address (e.g. 185.130.5.231 for a known attacker) or an HTTP User-Agent header value (e.g. sqlmap for the automatic SQL injection and database takeover tool). It also uses (optional) advanced heuristic mechanisms that can help in the discovery of unknown threats (e.g. new malware).