-
How To Connect Zeek To Python
I was recently asked how to send data from Zeek to Python. After flipping through the Zeek Broker documentation I couldn’t find a good example to reference, so here is my example. The code for this demo is available here: https://github.com/keithjjones/zeek-python-broker-demo
The first piece of our source code is the…
-
eCrimeBytes Glossary
We created a growing glossary for our eCrimeBytes podcasts:
-
Industrial Control Systems (ICS) PCAP Resources For Zeek And Wireshark
In this video I walk through several resources to download ICS protocol PCAPs:
-
Understanding The Zeek Spicy Wireguard VPN Protocol Analyzer
In this presentation I walk through every line of code in the open source Zeek Spicy Wireguard VPN protocol analyzer. It’s more fun than it sounds, honestly.
Spicy documentation: https://docs.zeek.org/projects/spicy/en/latest/index.html
Slides: https://docs.google.com/presentation/d/1LOCtYEr8cJ_DLqcjJoyUu1g7-iQbOjS45AnDjzknL7U/edit?usp=sharing
-
eCrimeBytes S 1, Ep 3: Violence As A Service With “PatTheBat”
This episode we take a look at a shooting at one PA residence and a firebombing at another. Are these two crimes related? We will meet an enforcer who named himself “PatTheBat” and discuss how his sloppy behavior plus love for Mad Dog 20/20 brought him to the attention of…
-
Anatomy Of A Zeek Spicy Protocol Analyzer
This video will walk through all the important parts of a Zeek Spicy protocol analyzer.
-
BACnet Basics With Zeek
We look at what BACnet traffic looks like in Zeek, along the way explaining some BACnet basics.
-
Easily Run Zeek and Spicy in a Docker Container
Here you will learn to run Zeek and Spicy in a Docker container. I do this often to test my code on different versions of Zeek without having to fully install each version.