Zeek
zeek.org Server/ VM/ Pi
Zeek (formally Bro) Passively monitors network traffic and looks for suspicious activity.
- Homepage: zeek.org
- GitHub: github.com/zeek/zeek
- Web info: web-check.xyz/results/zeek.org
Zeek Source Code
Author
Description
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
Homepage
https://www.zeek.orgLicense
NOASSERTION
Created
06 Jul 12
Last Updated
17 Jan 25
Latest version
Primary Language
C++
Size
181,534 KB
Stars
6,582
Forks
1,231
Watchers
6,582
Language Usage
Star History
Top Contributors
-
@jsiwek (3434)
-
@rsmmr (2774)
-
@timwoj (2298)
-
@0xxon (1862)
-
@awelzel (1305)
-
@vpax (983)
-
@ckreibich (640)
-
@zeek-bot (319)
-
@grigorescu (282)
-
@bbannier (208)
-
@sethhall (181)
-
@MaxKellermann (172)
-
@mavam (129)
-
@J-Gras (115)
-
@Neverlord (107)
-
@srunnels (52)
-
@mauropalumbo75 (51)
-
@JustinAzoff (26)
-
@FlyingWithJerome (24)
-
@leres (21)
-
@jsoref (21)
-
@eladsolomon-ms (21)
-
@AmazingPP (19)
-
@cstruck (17)
-
@dnthayer (17)
-
@evantypanski (17)
-
@ynadji (16)
-
@pbcullen (15)
-
@1wilkens (14)
-
@fatemabw (13)
Recent Commits
-
Update doc submodule [nomail] [skip ci]
-
Update doc submodule [nomail] [skip ci]
-
Merge remote-tracking branch 'origin/topic/awelzel/fix-writer-info-in-logging-hooks' * origin/topic/awelzel/fix-writer-info-in-logging-hooks: logging: Fix reporter message logging: Avoid repeated writer name lookups for plugin hooks logging: Fix HookLogInit() and HookLogWrite() info usage
-
Merge branch 'topic/bbannier/coverity'
-
Bump auxil/spicy to latest development snapshot
-
Prevent unneeded copies in QUIC C++ helper code
-
Merge remote-tracking branch 'origin/topic/johanna/gh-4061' * origin/topic/johanna/gh-4061: Update BiF-tracking, add is_event_handled Address review comments and small updates for DNS warnings Raise warnings when for DNS events that are not raised due to dns_skip_all_addl
-
Merge remote-tracking branch 'origin/topic/vern/C++-standalone-record-redef' * origin/topic/vern/C++-standalone-record-redef: support for record extensions when using -O gen-standalone-C++
-
support for record extensions when using -O gen-standalone-C++
-
logging: Fix reporter message
-
logging: Avoid repeated writer name lookups for plugin hooks If a plugin provides a write hook, the invocation for HookLogWrite() would redo looking up the writer's name from the enum value and instantiating a new std::string instance for every write. Avoid doing this.
-
logging: Fix HookLogInit() and HookLogWrite() info usage There's two instances of WriterBackend::WriterInfo for a given writer. One in Manager::WriterInfo that's accessible via stream.writers and a copy within WriterFrontend. Commit 78999d147d7a98a064d25854eea38468c1af7c5e switched to use the address of the frontend's info instance for HookLogWrite() invocations, breaking users using the address for identification purposes.
-
Update BiF-tracking, add is_event_handled
-
Address review comments and small updates for DNS warnings This commit addresses review feedback for DH-4155. Furthermore it fixes test failures, and adds a new test for the is_event_handled bif.
-
Merge branch 'topic/bbannier/coverity'
-
Bump auxil/spicy to latest development snapshot
-
Prevent copies in various places
-
Merge remote-tracking branch 'origin/topic/bbannier/fix-spicy-ssl-includes' * origin/topic/bbannier/fix-spicy-ssl-includes: Fix incomplete includes in Spicy SSL analyer C++ code
-
Merge branch 'topic/timw/add-security-md' * topic/timw/add-security-md: Add SECURITY.md, pointing at the website
-
Add SECURITY.md, pointing at the website
-
Merge remote-tracking branch 'origin/topic/timw/non-routeable-subnets' * origin/topic/timw/non-routeable-subnets: Update zeekctl submodule [nomail]
-
Update zeekctl submodule [nomail]
-
Fix incomplete includes in Spicy SSL analyer C++ code This appears to have been broken by feec451bcee7c459bc9a93e39ae18dc41515ac17.
-
Update doc submodule [nomail] [skip ci]
-
Merge branch 'topic/bbannier/bump-spicy'
-
Update doc submodule [nomail] [skip ci]
-
Merge remote-tracking branch 'origin/topic/etyp/harden-flaky-test' * origin/topic/etyp/harden-flaky-test: Harden flaky test based on creating a file
-
Mark `swap` specialization `noexcept`
-
Clean up some includes
-
Prevent exception in `noexcept` function.
Zeek Website
Website
The Zeek Network Security Monitor
Zeek (formerly Bro) is the world’s leading platform for network security monitoring. Flexible, open source, and powered by defenders.
Redirects
Does not redirect
Security Checks
All 66 security checks passed
Server Details
- IP Address 192.0.78.212
- Location San Francisco, California, United States of America, NA
- ISP Automattic Inc
- ASN AS2635
Associated Countries
-
US
Saftey Score
Website marked as safe
100%
Blacklist Check
zeek.org was found on 0 blacklists
- ThreatLog
- OpenPhish
- PhishTank
- Phishing.Database
- PhishStats
- URLhaus
- RPiList Not Serious
- AntiSocial Blacklist
- PhishFeed
- NABP Not Recommended Sites
- Spam404
- CRDF
- Artists Against 419
- CERT Polska
- PetScams
- Suspicious Hosting IP
- Phishunt
- CoinBlockerLists
- MetaMask EthPhishing
- EtherScamDB
- EtherAddressLookup
- ViriBack C2 Tracker
- Bambenek Consulting
- Badbitcoin
- SecureReload Phishing List
- Fake Website Buster
- TweetFeed
- CryptoScamDB
- StopGunScams
- ThreatFox
- PhishFort
Website Preview
Zeek Reviews
More Intrusion Detection
-
OSSEC is an Open Source host-based intrusion detection system, that performs log analysis, integrity checking, monitoring, rootkit detection, real-time alerting and active response.
-
An 802.11 layer2 wireless network detector, sniffer, and intrusion detection system.
-
SNARE (System iNtrusion Analysis and Reporting Environment) is a series of log collection agents that facilitate centralized analysis of audit log data. Logs from the OS are collected and audited. Full remote access, through a web interface easy to use manually, or by an automated process.
Not Open Source -
picosnitch helps protect your security and privacy by "snitching" on anything that connects to the internet, letting you know when, how much data was transferred, and to where. It uses BPF to monitor network traffic per application, and per parent to cover those that just call others. It also hashes every executable, and will complain if some mischievous program is giving it trouble.
About the Data: Zeek
API
You can access Zeek's data programmatically via our API.
Simply make a GET request to:
https://api.awesome-privacy.xyz/networking/intrusion-detection/zeekThe REST API is free, no-auth and CORS-enabled. To learn more, view the Swagger Docs or read the API Usage Guide.
About the Data
Beyond the user-submitted YAML you see above, we also augment each listing with additional data dynamically fetched from several sources. To learn more about where the rest of data included in this page comes from, and how it is computed, see the About the Data section of our About page.
Share Zeek
Help your friends compare Intrusion Detection, and pick privacy-respecting software and services.
Share Zeek and Awesome Privacy with your network!