Corelight, Inc.

Repositories

• Ansible-Software-Sensor

  Ansible Role to install and configure Corelight Software Sensors
  0 0 0 0 Updated Aug 13, 2020

• corelight-client

  Corelight Sensor API command-line client
  Python 1 8 0 0 Updated Aug 13, 2020

• Ansible-Suricata-update
  0 0 0 0 Updated Aug 6, 2020

• Ansible-Suricata-update-cron-job

  Ansible Role to run Suricata-update via a Cron Job from a dedicated host to update Suricata rules for Corelight Sensors (Software Sensors and Physical Sensors (even Fleet managed sensors)..
  0 0 0 0 Updated Aug 6, 2020

• icannTLD

  Zeek script using the official ICANN Top-Level Domain (TLD) list with the Input Framework to extract the relevant information from a DNS query and mark whether it's trusted or not. The source of the ICANN TLD's can be found here: https://publicsuffix.org/list/effective_tld_names.dat. The Trusted Domains list is a custom list, created by the user…
  Zeek 1 1 0 0 Updated Aug 5, 2020

• ecs-mapping

  Mapping Corelight or Zeek data to Elastic Common Schema fields
  Shell BSD-3-Clause 5 13 0 0 Updated Aug 4, 2020

• docker-terraform-serverless

  Dockerfile building Serverless with Terraform for CI/CD
  Dockerfile MIT 1 3 0 1 Updated Jul 31, 2020

• Dashboards-Splunk-DNS-Hunting-Beaconing

  DNS Dashboard for hunting and identifying beaconing

  hunting dns-dashboard
  0 3 0 0 Updated Jul 29, 2020

• CVE-2020-5902-F5BigIP

  A network detection package for CVE-2020-5902, a CVE10.0 vulnerability affecting F5 Networks, Inc BIG-IP devices.
  Zeek BSD-3-Clause 0 3 0 0 Updated Jul 29, 2020

• zeek-netmap

  Forked from zeek/bro-netmap

  Native Netmap Packet IOSource for Bro/Zeek
  C 5 0 0 0 Updated Jul 28, 2020

• zeek-community-id

  Zeek support for "community ID" flow hashing.
  Shell 14 24 1 1 Updated Jul 26, 2020

• bro-quic

  Bro analyzer that detects Google's QUIC protocol
  JavaScript 3 7 0 0 Updated Jul 22, 2020

• bro-xor-exe-plugin

  Bro plugin to detect and decrypt XOR-encrypted EXEs
  C++ 1 3 1 0 Updated Jul 21, 2020

• SIGRed

  Detection of attempts to exploit Microsoft Windows DNS server via CVE-2020-1350 (AKA SIGRed)
  Zeek BSD-3-Clause 1 6 0 0 Updated Jul 20, 2020

• json-streaming-logs

  Bro script package to create JSON formatted logs to stream into data analysis systems.
  Bro BSD-2-Clause 6 19 2 2 Updated Jul 19, 2020

• ripple20

  A Zeek package for the passive detection of "Ripple20" vulnerabilities in the Treck TCP/IP stack.
  Zeek BSD-3-Clause 3 14 0 0 Updated Jul 10, 2020

• json-tcp-lb

  line based tcp load balancing proxy.
  Go BSD-3-Clause 1 5 0 0 Updated Jul 10, 2020

• package-manager

  Forked from zeek/package-manager

  A package manager for Zeek
  Python 20 0 0 0 Updated Jul 3, 2020

• docker-fleet-api-ci

  Ubuntu-based builder including Go, NPM and Ruby tool FPM (for fleet-api)
  Dockerfile MIT 4 4 0 1 Updated Jul 2, 2020

• top-dns

  Top DNS Measurement for Bro
  Zeek BSD-3-Clause 8 9 1 0 Updated Jul 1, 2020

• zeek-macho

  A Zeek Mach-o File Analyzer

  network-monitoring network-analysis network-security zeek
  Zeek BSD-3-Clause 2 5 0 0 Updated Jun 30, 2020

• zeek-jpeg

  A Zeek JPEG File Analyzer

  network-monitoring network-analysis network-security zeek
  Zeek BSD-3-Clause 1 3 0 0 Updated Jun 30, 2020

• zeek-elf

  A Zeek ELF File Analyzer

  network-monitoring network-analysis network-security zeek
  Zeek BSD-3-Clause 3 8 0 0 Updated Jun 30, 2020

• zeek

  Forked from zeek/zeek

  Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
  C++ 862 0 0 0 Updated Jun 30, 2020

• callstranger-detector

  Zeek Plugin that detects CallStranger (CVE-2020-12695) attempts (http://callstranger.com/)
  Zeek BSD-3-Clause 0 4 0 0 Updated Jun 10, 2020

• bro-long-connections

  Bro package for tracking long connections to report them before they have completed.
  Zeek 12 18 2 0 Updated Jun 10, 2020

• cwrap

  Auto wrap C and C++ functions with instrumentation

  debugging instrumentation tracing performance-analysis comprehension
  Perl MIT 1 8 0 0 Updated May 16, 2020

• docker-latex-sphinx

  Documentation generator capable of producing PDFs using LaTeX and Sphinx
  Dockerfile MIT 1 0 0 0 Updated May 7, 2020

• docker-aws-sphinx

  Alpine-based builder/publisher for documentation with aws-cli and Sphinx
  Dockerfile MIT 2 0 0 0 Updated May 7, 2020

• zeek-sonification

  Simple tools to allow you to "listen" to your Zeek logs - hear days worth of network activity in seconds!
  Ruby BSD-3-Clause 0 0 0 0 Updated Apr 22, 2020