Zeek
Network Security
Detecting Default Meterpreter HTTPS Listeners
Detecting default Meterpreter HTTPS listeners by fingerprinting TLS certificate metadata, cipher suites, and HTTP response bodies using Nmap, Zeek, Splunk, and Elastic.
Information Security
Ingesting PCAP Files with Zeek and Splunk
How to safely ingest and analyze pcap files at scale using Zeek and Splunk.