Category: How-To
-
YouTube Video For How To Connect Zeek To Python Is Up!
Here is a short video I put together to show how to pass PCAP data from Zeek through Python and back to Zeek. The original instructions I wrote can be found here:…
-
How To Connect Zeek To Python
I was recently asked how to send data from Zeek to Python. After flipping through the Zeek Broker documentation I couldn’t find a good example to reference, so here is my example.…
-
Industrial Control Systems (ICS) PCAP Resources For Zeek And Wireshark
In this video I walk through several resources to download ICS protocol PCAPs:
-
Understanding The Zeek Spicy Wireguard VPN Protocol Analyzer
In this presentation I walk through every line of code in the open source Zeek Spicy Wireguard VPN protocol analyzer. It’s more fun than it sounds, honestly. Spicy documentation: https://docs.zeek.org/projects/spicy/en/latest/index.html Slides: https://docs.google.com/presentation/d/1LOCtYEr8cJ_DLqcjJoyUu1g7-iQbOjS45AnDjzknL7U/edit?usp=sharing
-
Anatomy Of A Zeek Spicy Protocol Analyzer
This video will walk through all the important parts of a Zeek Spicy protocol analyzer.
-
BACNet Basics With Zeek
We look at what BACNet traffic looks like in Zeek, along the way explaining some BACNet basics.
-
Easily Run Zeek and Spicy in a Docker Container
Here you will learn to run Zeek and Spicy in a Docker container. I do this often to test my code on different versions of Zeek without having to fully install each…
-
Create a Zeek Spicy Analyzer from a Template
Learn how to create a Zeek Spicy protocol analyzer from a template using “zkg create”.