@corelight

Corelight, Inc.

Corelight is the most powerful network visibility solution for information security professionals, founded by the creators of open-source Zeek.

Popular repositories

  1. zeek-cheatsheets Public

    Zeek Log Cheatsheets

    297 47

  2. community-id-spec Public

    An open standard for hashing network flows into identifiers, a.k.a "Community IDs".

    Python 184 26

  3. threat-hunting-guide Public

    53 13

  4. raspi-corelight Public

    Corelight@Home script

    Shell 44 5

  5. zeek-community-id Public

    Zeek support for Community ID flow hashing.

    Zeek 37 18

  6. zeek2es Public

    A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for further processing!

    Python 37 5

Repositories

Showing 10 of 151 repositories
  • terraform-aws-single-sensor Public

    Terraform for a single AWS Corelight EC2 instance Cloud Sensor Deployment.

    HCL 1 MIT 0 0 0 Updated Oct 7, 2025
  • corelight-cloud Public

    IaC used to deploy Corelight Sensors into various Cloud Providers.

    HCL 2 MIT 1 0 0 Updated Oct 6, 2025
  • CorelightForCrowdStrike Public

    Corelight app for CrowdStrike LogScale and Next-Gen SIEM

    4 0 0 1 Updated Oct 3, 2025
  • zeek-strrat-detector Public

    A Zeek based STRRAT malware detector.

    CMake 0 BSD-3-Clause 2 0 0 Updated Oct 2, 2025
  • zeek-quasarrat-detector Public

    Zeek detector for QuasarRat

    Shell 2 BSD-3-Clause 1 0 0 Updated Oct 2, 2025
  • CorelightForSentinelOne Public

    Corelight Dashboards and Parsers for Sentinel One Singularity

    2 0 0 1 Updated Sep 30, 2025
  • pingback Public

    A Zeek package to detect the Pingback malware ICMP tunnel command and control (C2) network traffic.

    Zeek 9 BSD-3-Clause 5 0 0 Updated Sep 29, 2025
  • zeek-netsupport-detector Public

    A Zeek based NetSupport detector. NetSupport is often abused by attackers in malware.

    Shell 1 BSD-3-Clause 2 0 0 Updated Sep 29, 2025
  • zeek-gozi-detector Public

    A Zeek based Gozi banking malware detector.

    Zeek 0 BSD-3-Clause 1 0 0 Updated Sep 29, 2025
  • zeek-caldera-detector Public

    A Zeek based Mitre Caldera detector.

    Zeek 0 BSD-3-Clause 0 0 0 Updated Sep 29, 2025