Zeek
zeek.orgDetect if you have a malware-infected computer on your network, and powerful network analysis framework and monitor.
- Homepage: zeek.org
- GitHub: github.com/zeek/zeek
- Web info: web-check.xyz/results/zeek.org
Zeek Source Code
Author
Description
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
Homepage
https://www.zeek.orgLicense
NOASSERTION
Created
06 Jul 12
Last Updated
29 Nov 24
Latest version
Primary Language
C++
Size
175,101 KB
Stars
6,489
Forks
1,223
Watchers
6,489
Language Usage
Star History
Top Contributors
- @jsiwek (3434)
- @rsmmr (2774)
- @timwoj (2218)
- @0xxon (1853)
- @awelzel (1217)
- @vpax (946)
- @ckreibich (624)
- @zeek-bot (300)
- @grigorescu (282)
- @bbannier (184)
- @sethhall (181)
- @MaxKellermann (172)
- @mavam (129)
- @J-Gras (110)
- @Neverlord (104)
- @srunnels (52)
- @mauropalumbo75 (51)
- @JustinAzoff (26)
- @FlyingWithJerome (24)
- @eladsolomon-ms (21)
- @jsoref (21)
- @leres (21)
- @AmazingPP (19)
- @cstruck (17)
- @dnthayer (17)
- @ynadji (16)
- @pbcullen (15)
- @1wilkens (14)
- @evantypanski (13)
- @fatemabw (13)
Recent Commits
- zeek-bot (28 Nov 24)
Update doc submodule [nomail] [skip ci]
- Tim Wojtulewicz (27 Nov 24)
Merge remote-tracking branch 'origin/topic/johanna/jq-guard' * origin/topic/johanna/jq-guard: Add TEST-REQUIRES: which jq to two new tests that are using jq
- Johanna Amann (27 Nov 24)
Add TEST-REQUIRES: which jq to two new tests that are using jq
- Johanna Amann (27 Nov 24)
Merge remote-tracking branch 'origin/topic/johanna/modbus-test-comment' * origin/topic/johanna/modbus-test-comment: Explain why modbus test does not work with the Spicy SSL analyzer
- Johanna Amann (27 Nov 24)
Explain why modbus test does not work with the Spicy SSL analyzer This took a _long_ time to figure out.
- Johanna Amann (27 Nov 24)
Merge remote-tracking branch 'origin/topic/johanna/sqlite-pragmas' * origin/topic/johanna/sqlite-pragmas: Options for SQLite log writer, eliminate duplicate definitions Test synchronous/journal mode options for SQLite log writer Added default options for synchronous and journal mode Support for synchronous and journal_mode
- zeek-bot (27 Nov 24)
Update doc submodule [nomail] [skip ci]
- Arne Welzel (26 Nov 24)
Merge remote-tracking branch 'origin/topic/awelzel/pluggable-cluster-backends-part2' * origin/topic/awelzel/pluggable-cluster-backends-part2: ci/test.sh: Run doctest with TZ=UTC cluster/setup-connections: Switch to Cluster::subscribe(), short-circuit broker cluster/serializer: Add Broker based event serializers cluster: Add Cluster scoped bifs Reporter: Add ScriptLocationScope helper init-bare/zeek-setup: Add Cluster::backend const &redef broker: Implement cluster::Backend interface Broker: Fix some error messages broker: Remove MakeEvent(ArgsSpan)
- Johanna Amann (26 Nov 24)
Options for SQLite log writer, eliminate duplicate definitions Patch provided by Arne Welzel, see GH-4063
- Johanna Amann (26 Nov 24)
Update 3dparty submodule [nomail]
- Arne Welzel (26 Nov 24)
Merge remote-tracking branch 'origin/topic/vern/zam-exception-leaks' * origin/topic/vern/zam-exception-leaks: More robust memory management for ZAM execution - fixes #4052
- Vern Paxson (22 Nov 24)
More robust memory management for ZAM execution - fixes #4052
- Johanna Amann (26 Nov 24)
Merge remote-tracking branch 'origin/topic/johanna/sqlite3.47.1' * origin/topic/johanna/sqlite3.47.1: Update SQLite to 3.47.1
- Arne Welzel (26 Nov 24)
Merge remote-tracking branch 'origin/topic/awelzel/deprecate-val-list-to-args' * origin/topic/awelzel/deprecate-val-list-to-args: ZeekArgs: Deprecate val_list_to_args()
- Johanna Amann (26 Nov 24)
Test synchronous/journal mode options for SQLite log writer Also adds some small tweaks and adds the new feature to NEWS.
- Arne Welzel (13 Nov 24)
ci/test.sh: Run doctest with TZ=UTC Broker's JSON serialization is TZ dependent (which seems a bug). For now do the same as we do in btest.cfg and run doctests with TZ set to UTC. Reported in zeek/broker#434.
- Arne Welzel (13 Nov 24)
cluster/setup-connections: Switch to Cluster::subscribe(), short-circuit broker For the time being, this is easiest, otherwise we'd need to conditionally load a broker-specific policy script based on Cluster::backend being set.
- Arne Welzel (13 Nov 24)
cluster/serializer: Add Broker based event serializers This adds the first event serializers that use broker functionality. Binary and JSON formats.
- Arne Welzel (13 Nov 24)
cluster: Add Cluster scoped bifs ... and a broker based test using Cluster::publish() and Cluster::subscribe().
- Arne Welzel (26 Nov 24)
Reporter: Add ScriptLocationScope helper
- Arne Welzel (13 Nov 24)
init-bare/zeek-setup: Add Cluster::backend const &redef
- Arne Welzel (22 Nov 24)
broker: Implement cluster::Backend interface
- Arne Welzel (22 Nov 24)
Broker: Fix some error messages
- Arne Welzel (22 Nov 24)
broker: Remove MakeEvent(ArgsSpan) This was added previously in the 7.1 cycle. Now that MakeEvent() was removed from cluster::Backend, there's no need for Broker to provide this version.
- Mymaqn (30 Oct 24)
Added default options for synchronous and journal mode Added enum options SQLITE_SYNCHRONOUS_DEFAULT and SQLITE_JOURNAL_MODE_DEFAULT and changed the default to be these instead.
- Mymaqn (24 Oct 24)
Support for synchronous and journal_mode
- Johanna Amann (26 Nov 24)
Update SQLite to 3.47.1
- zeek-bot (23 Nov 24)
Update doc submodule [nomail] [skip ci]
- Arne Welzel (22 Nov 24)
Merge remote-tracking branch 'origin/topic/awelzel/test-init-hooks-plugin' * origin/topic/awelzel/test-init-hooks-plugin: btest/plugins: Add a plugin testing Init and Done hooks
- Arne Welzel (22 Nov 24)
Merge remote-tracking branch 'origin/topic/awelzel/skip-core-expr-error' * origin/topic/awelzel/skip-core-expr-error: Disable core.expr-execption btest under ZAM to fix CI builds
Zeek Website
Website
The Zeek Network Security Monitor
Zeek (formerly Bro) is the world’s leading platform for network security monitoring. Flexible, open source, and powered by defenders.
Redirects
Redirects to https://zeek.org/
Security Checks
All 66 security checks passed
Server Details
- IP Address 192.0.78.150
- Location San Francisco, California, United States of America, NA
- ISP Automattic Inc
- ASN AS2635
Associated Countries
- US
Saftey Score
Website marked as safe
100%
Blacklist Check
zeek.org was found on 0 blacklists
- ThreatLog
- OpenPhish
- PhishTank
- Phishing.Database
- PhishStats
- URLhaus
- RPiList Not Serious
- AntiSocial Blacklist
- PhishFeed
- NABP Not Recommended Sites
- Spam404
- CRDF
- Artists Against 419
- CERT Polska
- PetScams
- Suspicious Hosting IP
- Phishunt
- CoinBlockerLists
- MetaMask EthPhishing
- EtherScamDB
- EtherAddressLookup
- ViriBack C2 Tracker
- Bambenek Consulting
- Badbitcoin
- SecureReload Phishing List
- Fake Website Buster
- TweetFeed
- CryptoScamDB
- StopGunScams
- ThreatFox
- PhishFort
Website Preview
Zeek Reviews
More Self-Hosted Network Security
-
Network-level advertisement and Internet tracker blocking application which acts as a DNS sinkhole. Pi-Hole can significantly speed up your internet, remove ads and block malware. It comes with a nice web interface and a mobile app with monitoring features, it's open source, easy to install and very widely used.
-
Another DNS server for blocking privacy-invasive content at its source. Technitium doesn't require much of a setup, and basically works straight out of the box, it supports a wide range of systems (and can even run as a portable app on Windows). It allows you to do some additional tasks, such as add local DNS addresses and zones with specific DNS records. Compared to Pi-Hole, Technitium is very lightweight, but lacks the deep insights that Pi-Hole provides, and has a significantly smaller community behind it.
-
A hardened, versatile, state-of-the-art open source firewall based on Linux. Its ease of use, high performance and extensibility make it usable for everyone.
-
A simple way to set up a home VPN on any Debian server. Supports OpenVPN and WireGuard with elliptic curve encryption keys up to 512 bit. Supports multiple DNS providers and custom DNS providers - works nicely along-side PiHole.
-
Powerful open source web content filter.
-
Widely used, open source firewall/router.
-
Open-source self-hosted VPN and firewall built on WireGuard®.
About the Data: Zeek
API
You can access Zeek's data programmatically via our API.
Simply make a GET
request to:
https://api.awesome-privacy.xyz/networking/self-hosted-network-security/zeek
The REST API is free, no-auth and CORS-enabled. To learn more, view the Swagger Docs or read the API Usage Guide.
About the Data
Beyond the user-submitted YAML you see above, we also augment each listing with additional data dynamically fetched from several sources. To learn more about where the rest of data included in this page comes from, and how it is computed, see the About the Data section of our About page.
Share Zeek
Help your friends compare Self-Hosted Network Security, and pick privacy-respecting software and services.
Share Zeek and Awesome Privacy with your network!