├── CVE-2019-11479 ├── CVE-2019-11479.rules └── CVE-2019-11479.zeek ├── LICENSE ├── README.md └── Zeek-official-packages ├── 0xxon └── bro-pkg.index ├── README.rst ├── activecm └── bro-pkg.index ├── aggregate.meta ├── anthonykasza └── bro-pkg.index ├── apache └── bro-pkg.index ├── bricata └── bro-pkg.index ├── bro └── bro-pkg.index ├── corelight └── bro-pkg.index ├── dopheide └── bro-pkg.index ├── dovehawk └── bro-pkg.index ├── endace └── bro-pkg.index ├── esnet └── bro-pkg.index ├── fatemabw └── bro-pkg.index ├── hhzzk └── bro-pkg.index ├── hosom └── bro-pkg.index ├── initconf └── bro-pkg.index ├── irtimmer └── bro-pkg.index ├── j-gras └── bro-pkg.index ├── jbaggs └── bro-pkg.index ├── jmellander └── bro-pkg.index ├── joesecurity └── bro-pkg.index ├── jonzeolla └── bro-pkg.index ├── jsiwek └── bro-pkg.index ├── jswaro └── bro-pkg.index ├── klehigh └── bro-pkg.index ├── mitrecnd └── bro-pkg.index ├── ncsa └── bro-pkg.index ├── ntop └── bro-pkg.index ├── pgaulon └── bro-pkg.index ├── reservoirlabs └── bro-pkg.index ├── salesforce └── bro-pkg.index ├── scebro └── bro-pkg.index ├── sethhall └── bro-pkg.index ├── srozb └── bro-pkg.index ├── tenzir └── bro-pkg.index ├── theflakes └── bro-pkg.index └── vitalyrepin └── bro-pkg.index /CVE-2019-11479/CVE-2019-11479.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tianyulab/ThreatDetectionRules/HEAD/CVE-2019-11479/CVE-2019-11479.rules -------------------------------------------------------------------------------- /CVE-2019-11479/CVE-2019-11479.zeek: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tianyulab/ThreatDetectionRules/HEAD/CVE-2019-11479/CVE-2019-11479.zeek -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tianyulab/ThreatDetectionRules/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tianyulab/ThreatDetectionRules/HEAD/README.md -------------------------------------------------------------------------------- /Zeek-official-packages/0xxon/bro-pkg.index: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tianyulab/ThreatDetectionRules/HEAD/Zeek-official-packages/0xxon/bro-pkg.index -------------------------------------------------------------------------------- /Zeek-official-packages/README.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tianyulab/ThreatDetectionRules/HEAD/Zeek-official-packages/README.rst -------------------------------------------------------------------------------- /Zeek-official-packages/activecm/bro-pkg.index: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tianyulab/ThreatDetectionRules/HEAD/Zeek-official-packages/activecm/bro-pkg.index -------------------------------------------------------------------------------- /Zeek-official-packages/aggregate.meta: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tianyulab/ThreatDetectionRules/HEAD/Zeek-official-packages/aggregate.meta -------------------------------------------------------------------------------- /Zeek-official-packages/anthonykasza/bro-pkg.index: -------------------------------------------------------------------------------- 1 | https://github.com/anthonykasza/indicator-rules 2 | -------------------------------------------------------------------------------- /Zeek-official-packages/apache/bro-pkg.index: -------------------------------------------------------------------------------- 1 | https://github.com/apache/metron-bro-plugin-kafka 2 | -------------------------------------------------------------------------------- /Zeek-official-packages/bricata/bro-pkg.index: -------------------------------------------------------------------------------- 1 | https://github.com/bricata/flow_labels 2 | -------------------------------------------------------------------------------- /Zeek-official-packages/bro/bro-pkg.index: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tianyulab/ThreatDetectionRules/HEAD/Zeek-official-packages/bro/bro-pkg.index -------------------------------------------------------------------------------- /Zeek-official-packages/corelight/bro-pkg.index: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tianyulab/ThreatDetectionRules/HEAD/Zeek-official-packages/corelight/bro-pkg.index -------------------------------------------------------------------------------- /Zeek-official-packages/dopheide/bro-pkg.index: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tianyulab/ThreatDetectionRules/HEAD/Zeek-official-packages/dopheide/bro-pkg.index -------------------------------------------------------------------------------- /Zeek-official-packages/dovehawk/bro-pkg.index: -------------------------------------------------------------------------------- 1 | https://github.com/tylabs/dovehawk 2 | -------------------------------------------------------------------------------- /Zeek-official-packages/endace/bro-pkg.index: -------------------------------------------------------------------------------- 1 | https://github.com/endace/bro-dag 2 | -------------------------------------------------------------------------------- /Zeek-official-packages/esnet/bro-pkg.index: -------------------------------------------------------------------------------- 1 | https://github.com/esnet/zeek_perfsonar_owamp 2 | -------------------------------------------------------------------------------- /Zeek-official-packages/fatemabw/bro-pkg.index: -------------------------------------------------------------------------------- 1 | https://github.com/fatemabw/bro-inventory-scripts 2 | -------------------------------------------------------------------------------- /Zeek-official-packages/hhzzk/bro-pkg.index: -------------------------------------------------------------------------------- 1 | https://github.com/hhzzk/dns-tunnels 2 | -------------------------------------------------------------------------------- /Zeek-official-packages/hosom/bro-pkg.index: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tianyulab/ThreatDetectionRules/HEAD/Zeek-official-packages/hosom/bro-pkg.index -------------------------------------------------------------------------------- /Zeek-official-packages/initconf/bro-pkg.index: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tianyulab/ThreatDetectionRules/HEAD/Zeek-official-packages/initconf/bro-pkg.index -------------------------------------------------------------------------------- /Zeek-official-packages/irtimmer/bro-pkg.index: -------------------------------------------------------------------------------- 1 | https://github.com/irtimmer/bro-xdp_packet-plugin 2 | -------------------------------------------------------------------------------- /Zeek-official-packages/j-gras/bro-pkg.index: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tianyulab/ThreatDetectionRules/HEAD/Zeek-official-packages/j-gras/bro-pkg.index -------------------------------------------------------------------------------- /Zeek-official-packages/jbaggs/bro-pkg.index: -------------------------------------------------------------------------------- 1 | https://github.com/jbaggs/anomalous-dns 2 | -------------------------------------------------------------------------------- /Zeek-official-packages/jmellander/bro-pkg.index: -------------------------------------------------------------------------------- 1 | https://github.com/jmellander/BinaryHeap 2 | -------------------------------------------------------------------------------- /Zeek-official-packages/joesecurity/bro-pkg.index: -------------------------------------------------------------------------------- 1 | https://github.com/joesecurity/Joe-Sandbox-Bro 2 | -------------------------------------------------------------------------------- /Zeek-official-packages/jonzeolla/bro-pkg.index: -------------------------------------------------------------------------------- 1 | https://github.com/JonZeolla/scan-sampling 2 | -------------------------------------------------------------------------------- /Zeek-official-packages/jsiwek/bro-pkg.index: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tianyulab/ThreatDetectionRules/HEAD/Zeek-official-packages/jsiwek/bro-pkg.index -------------------------------------------------------------------------------- /Zeek-official-packages/jswaro/bro-pkg.index: -------------------------------------------------------------------------------- 1 | https://github.com/jswaro/tcprs 2 | -------------------------------------------------------------------------------- /Zeek-official-packages/klehigh/bro-pkg.index: -------------------------------------------------------------------------------- 1 | https://github.com/klehigh/find_smbv1 2 | -------------------------------------------------------------------------------- /Zeek-official-packages/mitrecnd/bro-pkg.index: -------------------------------------------------------------------------------- 1 | https://github.com/MITRECND/bro-http2 2 | -------------------------------------------------------------------------------- /Zeek-official-packages/ncsa/bro-pkg.index: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tianyulab/ThreatDetectionRules/HEAD/Zeek-official-packages/ncsa/bro-pkg.index -------------------------------------------------------------------------------- /Zeek-official-packages/ntop/bro-pkg.index: -------------------------------------------------------------------------------- 1 | https://github.com/ntop/bro-pf_ring -------------------------------------------------------------------------------- /Zeek-official-packages/pgaulon/bro-pkg.index: -------------------------------------------------------------------------------- 1 | https://github.com/pgaulon/bro-notice-slack 2 | -------------------------------------------------------------------------------- /Zeek-official-packages/reservoirlabs/bro-pkg.index: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tianyulab/ThreatDetectionRules/HEAD/Zeek-official-packages/reservoirlabs/bro-pkg.index -------------------------------------------------------------------------------- /Zeek-official-packages/salesforce/bro-pkg.index: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tianyulab/ThreatDetectionRules/HEAD/Zeek-official-packages/salesforce/bro-pkg.index -------------------------------------------------------------------------------- /Zeek-official-packages/scebro/bro-pkg.index: -------------------------------------------------------------------------------- 1 | https://github.com/SoftwareConsultingEmporium/ldap-analyzer 2 | -------------------------------------------------------------------------------- /Zeek-official-packages/sethhall/bro-pkg.index: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tianyulab/ThreatDetectionRules/HEAD/Zeek-official-packages/sethhall/bro-pkg.index -------------------------------------------------------------------------------- /Zeek-official-packages/srozb/bro-pkg.index: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tianyulab/ThreatDetectionRules/HEAD/Zeek-official-packages/srozb/bro-pkg.index -------------------------------------------------------------------------------- /Zeek-official-packages/tenzir/bro-pkg.index: -------------------------------------------------------------------------------- 1 | https://github.com/tenzir/zeek-vast 2 | -------------------------------------------------------------------------------- /Zeek-official-packages/theflakes/bro-pkg.index: -------------------------------------------------------------------------------- 1 | https://github.com/theflakes/bro-large_uploads 2 | -------------------------------------------------------------------------------- /Zeek-official-packages/vitalyrepin/bro-pkg.index: -------------------------------------------------------------------------------- 1 | https://github.com/vitalyrepin/uap-bro 2 | --------------------------------------------------------------------------------