[Repost] Zeek – Network Traffic Analysis and Security Monitoring Tool
Posted on: 2021-2-5 06:44 3332
Zeek – Network Traffic Analysis and Security Monitoring Tool
Zeek Network Security Monitor:
Zeek (formerly Bro) is a popular and powerful network traffic analysis framework, which is used by a wide variety of security professionals. Like VirusTotal, Bro is offered free as an open-source, UNIX-based network monitoring framework that can be used for detecting network intrusion, collecting network measurements, and generating an extensive set of log files that records a network’s activity in high-level terms.
These logs include not only a comprehensive record of every connection seen on the network, but also application-layer transcripts such as all HTTP sessions and their requested URIs (Uniform Resource Identifiers), key headers, MIME (Multipurpose Internet Mail Extensions) types, and server responses. Bro also provides analysts with a scripting language, similar in functionality to Python, that allows users to customize network analysis.
https://socinvestigation.com/zeek-network-traffic-analysis-and-security-monitoring-tool/
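As an added example (not part of the reposted article or of the Zeek project's code), the following Python sketch reads an HTTP log in Zeek's default tab-separated layout and pulls out the requested URIs, status codes and MIME types described above. The sample log is constructed, uses only a subset of the `http.log` fields, and the watched MIME type is an assumption chosen for illustration.

```python
# Constructed sample (not real traffic) in Zeek's default TSV layout,
# with a subset of the http.log fields.
SAMPLE_HTTP_LOG = "\n".join([
    "#separator \\x09",
    "#set_separator\t,",
    "#empty_field\t(empty)",
    "#unset_field\t-",
    "#path\thttp",
    "#fields\tts\tuid\tid.orig_h\tid.resp_h\tmethod\thost\turi\tstatus_code\tresp_mime_types",
    "#types\ttime\tstring\taddr\taddr\tstring\tstring\tstring\tcount\tvector[string]",
    "1612507440.10\tCuid1\t10.0.0.5\t192.0.2.10\tGET\texample.test\t/index.html\t200\ttext/html",
    "1612507441.25\tCuid2\t10.0.0.7\t192.0.2.20\tGET\tfiles.example.test\t/setup.exe\t200\tapplication/x-dosexec",
    "1612507442.40\tCuid3\t10.0.0.5\t192.0.2.10\tGET\texample.test\t/missing\t404\t-",
    "#close\t2021-02-05-06-44-03",
])

def parse_zeek_log(text):
    """Parse a Zeek TSV log into dicts, honouring the header directives."""
    meta = {"separator": "\t", "set_separator": ",", "empty_field": "(empty)", "unset_field": "-"}
    fields, types, rows = [], [], []
    for line in text.splitlines():
        if line.startswith("#separator"):
            # The header stores the separator as an escape such as \x09.
            meta["separator"] = line.split(" ", 1)[1].encode().decode("unicode_escape")
        elif line.startswith("#"):
            key, *vals = line[1:].split(meta["separator"])
            if key == "fields":
                fields = vals
            elif key == "types":
                types = vals
            elif key in meta and vals:
                meta[key] = vals[0]
        elif line:
            rec = {}
            for name, typ, val in zip(fields, types, line.split(meta["separator"])):
                if val == meta["unset_field"]:
                    rec[name] = None  # field was not present in the session
                elif typ.startswith(("vector", "set")):
                    rec[name] = [] if val == meta["empty_field"] else val.split(meta["set_separator"])
                else:
                    rec[name] = int(val) if typ in ("count", "int", "port") else val
            rows.append(rec)
    return rows

def flag_mime(rows, watched=("application/x-dosexec",)):
    """Return (client, host, uri) for responses whose MIME type is watched."""
    return [(r["id.orig_h"], r["host"], r["uri"]) for r in rows
            if any(m in watched for m in (r["resp_mime_types"] or []))]
```

Reading the `#fields` and `#types` header lines instead of hard-coding column positions keeps the parser working when a deployment adds or reorders log fields.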