Zeek
zeek.org Server/ VM/ PiZeek (formally Bro) Passively monitors network traffic and looks for suspicious activity.
- Homepage: zeek.org
- GitHub: github.com/zeek/zeek
- Web info: web-check.xyz/results/zeek.org
Zeek Source Code
Author
Description
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
Homepage
https://www.zeek.orgLicense
NOASSERTION
Created
06 Jul 12
Last Updated
05 Apr 24
Latest version
Primary Language
C++
Size
160,923 KB
Stars
5,886
Forks
1,159
Watchers
5,886
Language Usage
Star History
Top Contributors
-
@jsiwek (3434)
-
@rsmmr (2726)
-
@timwoj (1972)
-
@0xxon (1775)
-
@awelzel (937)
-
@vpax (815)
-
@ckreibich (556)
-
@grigorescu (282)
-
@zeek-bot (253)
-
@sethhall (181)
-
@MaxKellermann (172)
-
@bbannier (133)
-
@mavam (129)
-
@Neverlord (103)
-
@J-Gras (102)
-
@srunnels (52)
-
@mauropalumbo75 (51)
-
@JustinAzoff (26)
-
@FlyingWithJerome (24)
-
@jsoref (21)
-
@eladsolomon-ms (21)
-
@leres (20)
-
@cstruck (17)
-
@dnthayer (17)
-
@ynadji (16)
-
@AmazingPP (15)
-
@1wilkens (14)
-
@fatemabw (13)
-
@jbencteux (12)
-
@jshlbrd (11)
Recent Commits
-
Johanna Amann (03 Apr 24)
Merge remote-tracking branch 'origin/topic/johanna/configure-check-submodules' * origin/topic/johanna/configure-check-submodules: Address review feedback for configure error change Raise configure error message for unsupported archives
-
Johanna Amann (02 Apr 24)
Address review feedback for configure error change See GH-3669
-
Tim Wojtulewicz (02 Apr 24)
Merge remote-tracking branch 'origin/topic/vern/zam-cat-time-fix' * origin/topic/vern/zam-cat-time-fix: fix ZAM "cat" of doubles/times to include trailing ".0" per normal BiF behavior
-
Johanna Amann (02 Apr 24)
Raise configure error message for unsupported archives Github lets users download archives of our repos. These do not contain the necessary submodules. We regularly encounter users who stumble across this. We already do have an error message that is raised when a non-recursive git checkout was done. This commit adds an error message for a non-git download that does not contain the necessary files.
-
Tim Wojtulewicz (29 Mar 24)
Merge branch 'topic/timw/fix-macos-build' * topic/timw/fix-macos-build: CI: Specify the xcode version of the macOS Sonoma instance
-
Vern Paxson (20 Mar 24)
fix ZAM "cat" of doubles/times to include trailing ".0" per normal BiF behavior
-
Tim Wojtulewicz (28 Mar 24)
CI: Specify the xcode version of the macOS Sonoma instance
-
Christian Kreibich (28 Mar 24)
Merge branch 'topic/christian/zeek-lib-fix' * topic/christian/zeek-lib-fix: Remove vestigial Conan bit in CMakeLists.txt When configuring Spicy, be prepated for zeek_lib or zeek_exe targets. Fix a typo in CMakeLists.txt when building Zeek as a library
-
Christian Kreibich (27 Mar 24)
Remove vestigial Conan bit in CMakeLists.txt This is no longer required since we switched Conan to vcpkg a while back.
-
Christian Kreibich (27 Mar 24)
When configuring Spicy, be prepated for zeek_lib or zeek_exe targets. This avoids a configuration error where zeek_exe is not defined (i.e. when building (only) as a library). It anticipates building both the executable and the library, which we used to do when using Conan but currently don't.
-
Christian Kreibich (27 Mar 24)
Fix a typo in CMakeLists.txt when building Zeek as a library This caused an error at configuration time since zeek_lie isn't a thing.
-
Robin Sommer (25 Mar 24)
Merge remote-tracking branch 'origin/topic/robin/bump-spicy' * origin/topic/robin/bump-spicy: Bump Spicy to current `main`.
-
Robin Sommer (25 Mar 24)
Bump Spicy to current `main`.
-
Tim Wojtulewicz (19 Mar 24)
Merge remote-tracking branch 'origin/topic/vern/fine-grained-ZAM-profiling' * origin/topic/vern/fine-grained-ZAM-profiling: tie into updates to gen-zam ZAM documentation updated to reflect finer-grained profiling ZAM-specific BTest baseline changes for tweak to how ZAM bodies print BTest baseline changes for tweak to how ZAM bodies print ZAM execution changes to support richer profiling use richer block-aware location information for ZAM instructions better isolation of ZAM instruction elements hooks for tracking extended ZAM profiling location framework for --enable-ZAM-profiling configuration profiles go to zprof.log rather than stdout ZAM classes in support of finer-grained profiling refined ZAM function profiling to include (correct) statement line number blocks avoid potentially expensive mallinfo() call if result won't be used
-
Vern Paxson (10 Mar 24)
tie into updates to gen-zam
-
Vern Paxson (10 Mar 24)
ZAM documentation updated to reflect finer-grained profiling
-
Vern Paxson (10 Mar 24)
ZAM-specific BTest baseline changes for tweak to how ZAM bodies print
-
Vern Paxson (10 Mar 24)
BTest baseline changes for tweak to how ZAM bodies print
-
Vern Paxson (10 Mar 24)
ZAM execution changes to support richer profiling
-
Vern Paxson (10 Mar 24)
use richer block-aware location information for ZAM instructions
-
Vern Paxson (10 Mar 24)
better isolation of ZAM instruction elements hooks for tracking extended ZAM profiling location
-
Vern Paxson (10 Mar 24)
framework for --enable-ZAM-profiling configuration profiles go to zprof.log rather than stdout
-
Vern Paxson (10 Mar 24)
ZAM classes in support of finer-grained profiling
-
Vern Paxson (10 Mar 24)
refined ZAM function profiling to include (correct) statement line number blocks
-
Vern Paxson (10 Mar 24)
avoid potentially expensive mallinfo() call if result won't be used
-
Tim Wojtulewicz (19 Mar 24)
Merge remote-tracking branch 'origin/topic/timw/fix-std-function-stmt' * origin/topic/timw/fix-std-function-stmt: Remove variant from StdFunctionStmt
-
Tim Wojtulewicz (19 Mar 24)
Remove variant from StdFunctionStmt The variant ended up conflicting with std::bind, which resulted in failures on the btest invoking it. Change back to a single function that takes a flow, and default it to a value in Exec.
-
Tim Wojtulewicz (18 Mar 24)
Merge remote-tracking branch 'origin/topic/timw/std-function-event-handler' * origin/topic/timw/std-function-event-handler: Add a method to register an event handler to a std::function via C++
-
Tim Wojtulewicz (08 Mar 24)
Add a method to register an event handler to a std::function via C++
-
Tim Wojtulewicz (18 Mar 24)
Merge remote-tracking branch 'origin/topic/neverlord/broker-bump' * origin/topic/neverlord/broker-bump: Update Broker submodule
Zeek Website
Website
The Zeek Network Security Monitor
Zeek (formerly Bro) is the world’s leading platform for network security monitoring. Flexible, open source, and powered by defenders.
Redirects
Does not redirect
Security Checks
All 66 security checks passed
Server Details
- IP Address 192.0.78.212
- Location San Francisco, California, United States of America, NA
- ISP Automattic Inc
- ASN AS2635
Associated Countries
-
US
Saftey Score
Website marked as safe
100%
Blacklist Check
zeek.org was found on 0 blacklists
- ThreatLog
- OpenPhish
- PhishTank
- Phishing.Database
- PhishStats
- URLhaus
- RPiList Not Serious
- AntiSocial Blacklist
- PhishFeed
- NABP Not Recommended Sites
- Spam404
- CRDF
- Artists Against 419
- CERT Polska
- PetScams
- Suspicious Hosting IP
- Phishunt
- CoinBlockerLists
- MetaMask EthPhishing
- EtherScamDB
- EtherAddressLookup
- ViriBack C2 Tracker
- Bambenek Consulting
- Badbitcoin
- SecureReload Phishing List
- Fake Website Buster
- TweetFeed
- CryptoScamDB
- StopGunScams
- ThreatFox
- PhishFort
Website Preview
Zeek Reviews
More Intrusion Detection
-
OSSEC is an Open Source host-based intrusion detection system, that performs log analysis, integrity checking, monitoring, rootkit detection, real-time alerting and active response.
-
An 802.11 layer2 wireless network detector, sniffer, and intrusion detection system.
-
SNARE (System iNtrusion Analysis and Reporting Environment) is a series of log collection agents that facilitate centralized analysis of audit log data. Logs from the OS are collected and audited. Full remote access, through a web interface easy to use manually, or by an automated process.
Not Open Source -
picosnitch helps protect your security and privacy by "snitching" on anything that connects to the internet, letting you know when, how much data was transferred, and to where. It uses BPF to monitor network traffic per application, and per parent to cover those that just call others. It also hashes every executable, and will complain if some mischievous program is giving it trouble.
About the Data: Zeek
API
You can access Zeek's data programmatically via our API.
Simply make a GET
request to:
https://api.awesome-privacy.xyz/networking/intrusion-detection/zeek
The REST API is free, no-auth and CORS-enabled. To learn more, view the Swagger Docs or read the API Usage Guide.
About the Data
Beyond the user-submitted YAML you see above, we also augment each listing with additional data dynamically fetched from several sources. To learn more about where the rest of data included in this page comes from, and how it is computed, see the About the Data section of our About page.
Share Zeek
Help your friends compare Intrusion Detection, and pick privacy-respecting software and services.
Share Zeek and Awesome Privacy with your network!