bro
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, build your tailor-made EASM tool, collect and analyse network intelligence from your sensors, and much more! Uses Nmap, Masscan, Zeek, p0f, ProjectDiscovery tools, etc.
Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark
An All-In-One home intrusion detection system (IDS) solution for the Raspberry Pi.
The default package source of the Zeek Package Manager. Wrote a package? See the README for how to get it included.
Bro IDS Dockerfile
A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
A package manager for Zeek
Flow-Indexer indexes flows found in chunked log files from bro, nfdump, syslog, or pcap files
brostash: Linux distribution based on Debian and focusing on network security events collection
Useful resources for Zeek (https://zeek.org/), formerly Bro (http://bro.org/)
Bro - A super fast stylesheet language for cool kids! Alternative to SassC, DartSass SassJS and Less.
Flexible framework that allows automation to process cyber threat information and update endpoint defense tools.