Zeek
zeek.orgDetect if you have a malware-infected computer on your network, and powerful network analysis framework and monitor.
- Homepage: zeek.org
- GitHub: github.com/zeek/zeek
- Web info: web-check.xyz/check/zeek.org
Zeek Source Code
Author
Description
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
Homepage
https://www.zeek.orgLicense
NOASSERTION
Created
06 Jul 12
Last Updated
11 Jul 26
Latest version
Primary Language
C++
Size
277,057 KB
Stars
7,762
Forks
1,382
Watchers
7,762
Language Usage
Star History
Top Contributors
-
@timwoj (3713)
-
@jsiwek (3546)
-
@rsmmr (2448)
-
@awelzel (2269)
-
@0xxon (2030)
-
@vpax (1117)
-
@ckreibich (822)
-
@zeek-bot (460)
-
@bbannier (319)
-
@grigorescu (284)
-
@evantypanski (201)
-
@J-Gras (179)
-
@MaxKellermann (172)
-
@mavam (129)
-
@Neverlord (116)
-
@sethhall (80)
-
@srunnels (52)
-
@mauropalumbo75 (51)
-
@dxbjavid (32)
-
@FlyingWithJerome (24)
-
@eladsolomon-ms (23)
-
@JustinAzoff (23)
-
@fatemabw (21)
-
@leres (21)
-
@jsoref (21)
-
@dnthayer (21)
-
@AmazingPP (20)
-
@ynadji (18)
-
@cstruck (17)
-
@pbcullen (17)
-
@1wilkens (14)
-
@jbencteux (12)
-
@dependabot[bot] (12)
-
@jshlbrd (11)
-
@dopheide-esnet (10)
-
@jwallior (10)
-
@hosom (9)
-
@p-l- (8)
-
@ekoyle (7)
-
@jsbarber (7)
-
@jrolli (7)
-
@stevesmoot (6)
-
@jeff-bb (6)
-
@achill06 (6)
-
@grapestems (6)
-
@VasuBhakt (6)
-
@marktayl (6)
-
@dale-lakes (5)
-
@yunzheng (5)
-
@micrictor (5)
-
@ronwellman (4)
-
@urvalkheni (4)
-
@MP-Corelight (4)
-
@jasonlue (4)
-
@wglodek (4)
-
@balintm (4)
-
@sujalavnelavai (4)
-
@sheharbano (4)
-
@aeppert (4)
-
@moshekaplan (4)
-
@lukevalenta (4)
-
@henridf (4)
-
@keithjjones (3)
-
@martincmr (3)
-
@kshitiz-bartariya (3)
-
@bhaskarbhar (3)
-
@msmiley (3)
-
@lcesarz (3)
-
@cubic1271 (3)
-
@frerich (3)
-
@abdelsaxd (2)
-
@malvidin (2)
-
@The-Alchemist (2)
-
@Mr-Click (2)
-
@anthonykasza (2)
-
@cccs-will (2)
-
@christina23 (2)
-
@jgvt (2)
-
@jmestwa-coder (2)
-
@lczllx (2)
-
@naveensrinivasan (2)
-
@voidbar (2)
-
@xb-anssi (2)
-
@XueSongTap (2)
-
@dcode (2)
-
@petiepooo (2)
-
@LBLSecurity (2)
-
@albertzaharovits (2)
-
@abenson (2)
-
@assafmo (2)
-
@edoardomich (2)
-
@zambo99 (2)
-
@olaldiko (2)
-
@stefangoetzcorelight (2)
-
@chmodshubham (2)
-
@Ruddxxy (2)
-
@neu5ron (2)
-
@Mymaqn (2)
-
@Mohan-Dhawan (2)
-
@juno0812 (2)
Recent Commits
-
Tim Wojtulewicz (10 Jul 26)
Merge remote-tracking branch 'origin/topic/timw/upgrade-ci-clang-to-clang-22' * origin/topic/timw/upgrade-ci-clang-to-clang-22: CCI: Update date for debian-12 image Fix additional warning from clang-tidy-22 CI: Use newer ubuntu-24.04 image and clang-22 CI: Install clang-22 in ubuntu-24.04 Dockerfile
-
Tim Wojtulewicz (08 Jul 26)
CCI: Update date for debian-12 image
-
Tim Wojtulewicz (08 Jul 26)
Fix additional warning from clang-tidy-22
-
Tim Wojtulewicz (07 Jul 26)
CI: Use newer ubuntu-24.04 image and clang-22
-
Tim Wojtulewicz (07 Jul 26)
CI: Install clang-22 in ubuntu-24.04 Dockerfile
-
Arne Welzel (09 Jul 26)
Merge remote-tracking branch 'origin/topic/awelzel/skip-check-for-docs-only' * origin/topic/awelzel/skip-check-for-docs-only: github/workflows/check: Skip check.yml workflow for docs only changes
-
Tim Wojtulewicz (09 Jul 26)
Merge remote-tracking branch 'origin/topic/timw/clean-up-ubsan-cmake-setup' * origin/topic/timw/clean-up-ubsan-cmake-setup: Enable UBSan 'builtin' and 'pointer-overflow' checks Reformat list of enabled/disabled checks in CMakeLists.txt
-
Tim Wojtulewicz (21 Jun 26)
Enable UBSan 'builtin' and 'pointer-overflow' checks These two weren't implemented by various old versions of GCC when we added UBSan support, but they're ok in newer versions.
-
Tim Wojtulewicz (21 Jun 26)
Reformat list of enabled/disabled checks in CMakeLists.txt
-
Arne Welzel (09 Jul 26)
github/workflows/check: Skip check.yml workflow for docs only changes Directly from the docs: https://docs.github.com/en/actions/reference/workflows-and-actions/workflow-syntax#example-excluding-paths
-
zeek-bot (09 Jul 26)
Docs: Regenerated via GitHub workflow [nomail] [skip ci]
-
Tim Wojtulewicz (08 Jul 26)
Merge remote-tracking branch 'origin/topic/awelzel/revert-util-fmt-fprintf-and-assert' * origin/topic/awelzel/revert-util-fmt-fprintf-and-assert: util/fmt: Remove non-main thread warning / abort() again
-
Arne Welzel (08 Jul 26)
util/fmt: Remove non-main thread warning / abort() again JavaScript code execution does not happen on the main thread. Execution is offloaded to a separate thread while Zeek's main thread is fully paused until JavaScript execution completes at which point the main thread resumes. The util::fmt() function is reachable through various paths from JavaScript by using zeek.invoke() to execute Zeek script or builtin functions. This triggers the just added fprintf() / abort() from commit d6db4402db3bcdfdbd374ad70540d03e679d2d2b. Revert this logic as it's a false positive for this particular case and it wasn't the greatest idea.
-
Evan Typanski (08 Jul 26)
Merge remote-tracking branch 'origin/topic/etyp/openssl-configure-stall' * origin/topic/etyp/openssl-configure-stall: Bump cmake for OpenSSL includes Fix stall with OpenSSL check on Mac with ASAN
-
Arne Welzel (08 Jul 26)
Merge remote-tracking branch 'origin/topic/awelzel/skip-zeekjs-on-debian-12' * origin/topic/awelzel/skip-zeekjs-on-debian-12: ci/NEWS: Skip installing libnode-dev on Debian 12
-
Evan Typanski (07 Jul 26)
Bump cmake for OpenSSL includes
-
Evan Typanski (08 Jul 26)
Merge remote-tracking branch 'origin/topic/etyp/leak-asan-cycle' * origin/topic/etyp/leak-asan-cycle: Disable leak checking on cycle test
-
Johanna Amann (08 Jul 26)
Merge remote-tracking branch 'origin/topic/johanna/bif-doc-fixes' * origin/topic/johanna/bif-doc-fixes: Protocol/file analysis bif doc fixes
-
Evan Typanski (08 Jul 26)
Disable leak checking on cycle test I broke ASAN with #5593 Also switches other uses of `ASAN_OPTIONS` to use the correct separator.
-
Arne Welzel (08 Jul 26)
ci/NEWS: Skip installing libnode-dev on Debian 12 The Debian 12 build fails because GCC 12.x doesn't yet have <format>. <...>/zeek/auxil/zeekjs/src/Nodejs.cc:7:10: fatal error: format: No such file or directory 7 | #include <format> | ^~~~~~~~ And seems fine to me to require a more recent distribution when JavaScript is enabled. Debian 13 has been released almost a year ago, JavaScript does have the experimental sticker still, and I don't think this will affect enough users to be worth a libfmt fallback. I'd be positively surprised if that's wrong :-)
-
Johanna Amann (04 Jun 26)
Protocol/file analysis bif doc fixes This commit applies a range of small documentation fixes to some of the analyzer and file_analyzer bifs. This includes minor formatting changes, fixed todos, typos, unfinished sentences, and a couple of incorrect statements. This was made with the help of Claufe Opus 4.7 (which found the issues), and then manually edited. I understand and verified all of the changes.
-
Arne Welzel (08 Jul 26)
Merge branch 'smtp_docs' of https://github.com/malvidin/zeek * 'smtp_docs' of https://github.com/malvidin/zeek: Align RCPT TO comment with docs Clarify SMTP documentation Remove email header label for SMTP commands Expand Message-ID & Reply-To to match RFC822
-
Steven (08 Jul 26)
Align RCPT TO comment with docs
-
Steven (08 Jul 26)
Clarify SMTP documentation Remove email header label for SMTP commands Expand Message-ID & Reply-To to match RFC822
-
Arne Welzel (08 Jul 26)
Merge branch 'topic/vfmt-thread-safety-callers' of https://github.com/stefangoetzcorelight/zeek * 'topic/vfmt-thread-safety-callers' of https://github.com/stefangoetzcorelight/zeek: util/fmt: guard fmt() misuse util/fmt: Use thread-safe Fmt() in backend threads Modified to always emit the warning once, abort() in DEBUG only.
-
Arne Welzel (08 Jul 26)
Merge remote-tracking branch 'origin/topic/awelzel/bump-zeekjs-0-24-0' * origin/topic/awelzel/bump-zeekjs-0-24-0: Bump zeekjs to v0.24.0
-
zeek-bot (08 Jul 26)
Docs: Regenerated via GitHub workflow [nomail] [skip ci]
-
Tim Wojtulewicz (07 Jul 26)
Merge remote-tracking branch 'origin/topic/christian/broker-backpressure-tests' * origin/topic/christian/broker-backpressure-tests: Add Broker backpressure tests
-
Evan Typanski (07 Jul 26)
Merge remote-tracking branch 'origin/topic/etyp/val-recursion' * origin/topic/etyp/val-recursion: Fix infinite recursion in val describe
-
Stefan Götz (06 Jul 26)
util/fmt: guard fmt() misuse util::fmt() uses a single process-global buffer, so it is only safe on the main thread: a backend thread calling it can overwrite the buffer while the main thread still holds a returned pointer (e.g. across the copy_string() in Writer/ReaderFrontend), leading to corruption. Add a DEBUG-only assertion in vfmt() that aborts if it is called off the main thread. Make code comments more explicit about correct use.
Zeek Security
Zeek Website
Website
The Zeek Network Security Monitor
Zeek (formerly Bro) is the world’s leading platform for network security monitoring. Flexible, open source, and powered by defenders.
Redirects
Redirects to https://zeek.org/
Security Checks
All 65 security checks passed
Server Details
- IP Address 192.0.78.212
- Location San Francisco, California, United States of America, NA
- ISP Automattic Inc
- ASN AS2635
Associated Countries
-
US -
FR -
CA
Safety Score
Website marked as safe
100%
Blacklist Check
zeek.org was found on 0 blacklists
- AntiSocial Blacklist
- Artists Against 419
- Badbitcoin
- Bambenek Consulting
- CERT Polska
- CoinBlockerLists
- CRDF
- CryptoScamDB
- EtherAddressLookup
- EtherScamDB
- Fake Website Buster
- MetaMask EthPhishing
- NABP Not Recommended Sites
- OpenPhish
- PetScams
- PhishFeed
- PhishFort
- Phishing.Database
- PhishStats
- PhishTank
- Phishunt
- RPiList Not Serious
- Scam.Directory
- SecureReload Phishing List
- Spam404
- StopGunScams
- Suspicious Hosting IP
- ThreatFox
- ThreatLog
- TweetFeed
- URLhaus
- ViriBack C2 Tracker
Website Preview
Zeek Reviews
More Self-Hosted Network Security
-
Powerful open source web content filter.
-
Open-source self-hosted VPN and firewall built on WireGuard®.
-
A hardened, versatile, state-of-the-art open source firewall based on Linux. Its ease of use, high performance and extensibility make it usable for everyone.
-
Widely used, open source firewall/router.
-
Network-level advertisement and Internet tracker blocking application which acts as a DNS sinkhole. Pi-Hole can significantly speed up your internet, remove ads and block malware. It comes with a nice web interface and a mobile app with monitoring features, it's open source, easy to install and very widely used.
-
A simple way to set up a home VPN on any Debian server. Supports OpenVPN and WireGuard with elliptic curve encryption keys up to 512 bit. Supports multiple DNS providers and custom DNS providers - works nicely along-side PiHole.
-
Another DNS server for blocking privacy-invasive content at its source. Technitium doesn't require much of a setup, and basically works straight out of the box, it supports a wide range of systems (and can even run as a portable app on Windows). It allows you to do some additional tasks, such as add local DNS addresses and zones with specific DNS records. Compared to Pi-Hole, Technitium is very lightweight, but lacks the deep insights that Pi-Hole provides, and has a significantly smaller community behind it.
About the Data: Zeek
API
You can access Zeek's data programmatically via our API. Simply make a GET request to:
https://api.awesome-privacy.xyz/v1/services/zeek The REST API is free, no-auth and CORS-enabled. To learn more, view the API Docs or read the API Usage Guide.
Share Zeek
Help your friends compare Self-Hosted Network Security, and pick
privacy-respecting software and services.
Share Zeek and Awesome Privacy with your network!