X

Writing My First Protocol Analyzer

I recently tried my hand at writing my first protocol analyzer for Zeek. This is something that I’ve wanted to accomplish since first learning about Zeek. I recall trying to concatenate all the strings from tcp_contents() and parse application layer data using string...

Got Zoom ?

I still find it amazing what you can find quite simply with Zeek.  Since Zoom seems to be on top of mind for many recently, as an example to show how easily you can highlight specific traffic with great accuracy and granularity, I wrote this simple PoC package...