by Seth Grover | Jan 27, 2026 | Packages
Learn how to use JA4 network fingerprinting in Zeek to identify client and server software, detect malware, and track behavior across encrypted connections without requiring decryption. Network fingerprinting helps identify client and server software without...
by Christian Kreibich, Johanna Amann | Mar 5, 2024 | community, deployment, Packages, security
On 5 March, the United States Cybersecurity and Infrastructure Security Agency (CISA) released an advisory pertaining to a Zeek package hosted by CISA’s GitHub account. This is not a security issue in Zeek itself but in a third-party provided package. The Zeek project...
by Yacin Nadji | Jul 29, 2021 | Packages, Telegram
Notices in Zeek Zeek’s Notice Framework enables network operators to specify how potentially interesting network findings can be reported. This decoupling of detection and reporting highlights Zeek’s flexibility: a notice-worthy event in network A may be...
by Christian Kreibich | Mar 15, 2021 | 4.0, Packages
Our latest Zeek release includes a number of improvements around zkg, Zeek’s package manager. They aim to make zkg more accessible and familiar to users of other package managers. In this blog post I’d like to walk you through these changes. zkg is now a core...
by Amber Graner | Jul 15, 2020 | community, package contest, Packages, ZPC-3
Update: added winners and Jury members. Are you a Zeek user?Do you enjoy writing Zeek scripts? Do you like being recognized for your awesome work? Do you want to make the world’s networks safer? Do you like winning prizes and claiming...
by Anthony Kasza | Apr 16, 2020 | open-source, Packages
I recently tried my hand at writing my first protocol analyzer for Zeek. This is something that I’ve wanted to accomplish since first learning about Zeek. I recall trying to concatenate all the strings from tcp_contents() and parse application layer data using string...
RSS - Posts