Zeek
zeek.orgDetect if you have a malware-infected computer on your network, and powerful network analysis framework and monitor.
- Homepage: zeek.org
- GitHub: github.com/zeek/zeek
- Web info: web-check.xyz/results/zeek.org
Zeek Source Code
Author
Description
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
Homepage
https://www.zeek.orgLicense
NOASSERTION
Created
06 Jul 12
Last Updated
05 Oct 24
Latest version
Primary Language
C++
Size
172,970 KB
Stars
6,391
Forks
1,210
Watchers
6,391
Language Usage
Star History
Top Contributors
- @jsiwek (3434)
- @rsmmr (2767)
- @timwoj (2188)
- @0xxon (1837)
- @awelzel (1101)
- @vpax (929)
- @ckreibich (604)
- @zeek-bot (283)
- @grigorescu (282)
- @sethhall (181)
- @MaxKellermann (172)
- @bbannier (164)
- @mavam (129)
- @J-Gras (110)
- @Neverlord (104)
- @srunnels (52)
- @mauropalumbo75 (51)
- @JustinAzoff (26)
- @FlyingWithJerome (24)
- @eladsolomon-ms (21)
- @jsoref (21)
- @leres (21)
- @AmazingPP (19)
- @cstruck (17)
- @dnthayer (17)
- @ynadji (16)
- @pbcullen (15)
- @1wilkens (14)
- @fatemabw (13)
- @jbencteux (12)
Recent Commits
- Arne Welzel (28 Sept 24)
POP3: Rework unbounded pending command fix Processing out-of-order commands or finishing commands based on invalid server responses resulted in inconsistent analyzer state, potentially triggering null pointer references for crafted traffic. This commit reworks cf9fe91705f878e94ae14b373e5e5ea212273e2f such that too many pending commands are simply discarded, rather than any attempt being made to process them. Further, invalid server responses do not result in command completion anymore. Test PCAP was crafted based on traffic produced by the OSS-Fuzz reproducer. Closes #215
- Christian Kreibich (04 Oct 24)
Merge branch 'topic/christian/bump-cluster-testing' * topic/christian/bump-cluster-testing: Bump zeek-testing-cluster to pull in a baseline update
- Christian Kreibich (04 Oct 24)
Bump zeek-testing-cluster to pull in a baseline update The recently expanded `Describe()` output (c0ffaabe) caused one test to complain.
- Arne Welzel (04 Oct 24)
Merge remote-tracking branch 'origin/topic/etyp/centos-missing-file-test-fail' * origin/topic/etyp/centos-missing-file-test-fail: Fix flaky `missing-file-initially` test
- Evan Typanski (04 Oct 24)
Fix flaky `missing-file-initially` test That test got flaky probably from #3949 on centosstream9 CI. You can replicate that behavior by increasing the sleep time when waiting for the file such that the test will attempt to read the missing file again. Since the one second wait for file is glacially slow for this, speeding it up should mean that the file gets created sooner and so the test won't try to open the file again. But, it's always still technically possible, since the test will wait for 10 seconds and the heartbeat seems to be 1 second. At least if that happens, it's probably a bug or massive slowdown of some kind.
- Benjamin Bannier (04 Oct 24)
Merge branch 'topic/bbannier/spicyz-usage'
- Benjamin Bannier (04 Oct 24)
Add missing newline in `spicyz` usage message
- Arne Welzel (02 Oct 24)
Merge remote-tracking branch 'origin/topic/etyp/bg-test-nondeterminism' * origin/topic/etyp/bg-test-nondeterminism: Fix input error test nondeterminism
- Evan Typanski (02 Oct 24)
Fix input error test nondeterminism It seems like other similar tests get by because they have more "stuff" before they call `terminate()` most likely. But, to be safe, just removing the "received termination signal" line seems like the best approach.
- Arne Welzel (01 Oct 24)
Merge remote-tracking branch 'origin/topic/etyp/remove-duplicate-table-warns' * origin/topic/etyp/remove-duplicate-table-warns: Report suppressed warnings count Avoid duplicating warnings when reading table
- Evan Typanski (27 Sept 24)
Report suppressed warnings count This also triggers if there is one warning, which seems a little weird, but it seems mostly reasonable.
- Evan Typanski (24 Sept 24)
Avoid duplicating warnings when reading table Invalid lines in a file was the one case that would not suppress future warnings. Just make it suppress warnings too, but clear that suppression if there is a field in between that doesn't error. Fixes #3692
- zeek-bot (28 Sept 24)
Update doc submodule [nomail] [skip ci]
- Christian Kreibich (27 Sept 24)
Merge branch 'topic/vern/script-opt-maint.Sep24B' * topic/vern/script-opt-maint.Sep24B: factoring of logic used by ZAM's low-level optimizer when adjusting control flow info BTest baseline update for more complete function/lambda names tweak to -O gen-C++ maintenance script to avoid treating plugins as BTests fixed lambda hash collision bug due to function descriptions lacking full parameter information fixes (to avoid collisions) for AST profiling's function hash computations removed unused ZAM cast-to-any operation fixes for ZAM tracking the return type associated with function calls ZAM control-flow tracking now explicitly includes the ends of loops fix for ZAM identification of common subexpressions "-O dump-final-ZAM" option similar to "dump-ZAM" only prints final version of functions fix for setting object locations to avoid use-after-free situation extended "-O allow-cond" to apply to both gen-C++ and gen-standalone-C++ -O gen-C++ fix for run-time warnings for "when" lambdas fix to -O gen-C++ for recent AST profiling changes for identifying function parameters fix to -O gen-C++ for dealing with "hidden" parameters tweak to prevent an incorrect warning for scripts compiled to C++ fixed overly narrow Spicy test for manipulating packet analyzers fixed memory leak for recursive ZAM functions that exit via an exception remove unnecessary header include
- Vern Paxson (27 Sept 24)
factoring of logic used by ZAM's low-level optimizer when adjusting control flow info
- Vern Paxson (11 Sept 24)
BTest baseline update for more complete function/lambda names
- Vern Paxson (12 Sept 24)
tweak to -O gen-C++ maintenance script to avoid treating plugins as BTests
- Vern Paxson (11 Sept 24)
fixed lambda hash collision bug due to function descriptions lacking full parameter information
- Vern Paxson (11 Sept 24)
fixes (to avoid collisions) for AST profiling's function hash computations
- Vern Paxson (11 Sept 24)
removed unused ZAM cast-to-any operation
- Vern Paxson (11 Sept 24)
fixes for ZAM tracking the return type associated with function calls
- Vern Paxson (11 Sept 24)
ZAM control-flow tracking now explicitly includes the ends of loops
- Vern Paxson (11 Sept 24)
fix for ZAM identification of common subexpressions
- Vern Paxson (11 Sept 24)
"-O dump-final-ZAM" option similar to "dump-ZAM" only prints final version of functions
- Vern Paxson (11 Sept 24)
fix for setting object locations to avoid use-after-free situation
- Vern Paxson (11 Sept 24)
extended "-O allow-cond" to apply to both gen-C++ and gen-standalone-C++
- Vern Paxson (11 Sept 24)
-O gen-C++ fix for run-time warnings for "when" lambdas
- Vern Paxson (11 Sept 24)
fix to -O gen-C++ for recent AST profiling changes for identifying function parameters
- Vern Paxson (11 Sept 24)
fix to -O gen-C++ for dealing with "hidden" parameters
- Vern Paxson (11 Sept 24)
tweak to prevent an incorrect warning for scripts compiled to C++
Zeek Website
Website
The Zeek Network Security Monitor
Zeek (formerly Bro) is the world’s leading platform for network security monitoring. Flexible, open source, and powered by defenders.
Redirects
Redirects to https://zeek.org/
Security Checks
All 66 security checks passed
Server Details
- IP Address 192.0.78.150
- Location San Francisco, California, United States of America, NA
- ISP Automattic Inc
- ASN AS2635
Associated Countries
- US
Saftey Score
Website marked as safe
100%
Blacklist Check
zeek.org was found on 0 blacklists
- ThreatLog
- OpenPhish
- PhishTank
- Phishing.Database
- PhishStats
- URLhaus
- RPiList Not Serious
- AntiSocial Blacklist
- PhishFeed
- NABP Not Recommended Sites
- Spam404
- CRDF
- Artists Against 419
- CERT Polska
- PetScams
- Suspicious Hosting IP
- Phishunt
- CoinBlockerLists
- MetaMask EthPhishing
- EtherScamDB
- EtherAddressLookup
- ViriBack C2 Tracker
- Bambenek Consulting
- Badbitcoin
- SecureReload Phishing List
- Fake Website Buster
- TweetFeed
- CryptoScamDB
- StopGunScams
- ThreatFox
- PhishFort
Website Preview
Zeek Reviews
More Self-Hosted Network Security
-
Network-level advertisement and Internet tracker blocking application which acts as a DNS sinkhole. Pi-Hole can significantly speed up your internet, remove ads and block malware. It comes with a nice web interface and a mobile app with monitoring features, it's open source, easy to install and very widely used.
-
Another DNS server for blocking privacy-invasive content at its source. Technitium doesn't require much of a setup, and basically works straight out of the box, it supports a wide range of systems (and can even run as a portable app on Windows). It allows you to do some additional tasks, such as add local DNS addresses and zones with specific DNS records. Compared to Pi-Hole, Technitium is very lightweight, but lacks the deep insights that Pi-Hole provides, and has a significantly smaller community behind it.
-
A hardened, versatile, state-of-the-art open source firewall based on Linux. Its ease of use, high performance and extensibility make it usable for everyone.
-
A simple way to set up a home VPN on any Debian server. Supports OpenVPN and WireGuard with elliptic curve encryption keys up to 512 bit. Supports multiple DNS providers and custom DNS providers - works nicely along-side PiHole.
-
Powerful open source web content filter.
-
Widely used, open source firewall/router.
-
Open-source self-hosted VPN and firewall built on WireGuard®.
About the Data: Zeek
API
You can access Zeek's data programmatically via our API.
Simply make a GET
request to:
https://api.awesome-privacy.xyz/networking/self-hosted-network-security/zeek
The REST API is free, no-auth and CORS-enabled. To learn more, view the Swagger Docs or read the API Usage Guide.
About the Data
Beyond the user-submitted YAML you see above, we also augment each listing with additional data dynamically fetched from several sources. To learn more about where the rest of data included in this page comes from, and how it is computed, see the About the Data section of our About page.
Share Zeek
Help your friends compare Self-Hosted Network Security, and pick privacy-respecting software and services.
Share Zeek and Awesome Privacy with your network!