Thanks, I'll check it out. 

edX

On Wed, Oct 23, 2019 at 4:41 PM Richard Bejtlich <richard@corelight.com> wrote:
I just Googled 

bro sql injection detection

and this paper was the second result, right after a link to the Bro SQL injection detection script.

https://www.sans.org/reading-room/whitepapers/detection/web-application-attack-analysis-bro-ids-34042  

You might have to look for Bro references as the Zeek rename is only a year old.

Sincerely,

Richard

On Wed, Oct 23, 2019 at 9:26 AM edX <edx0004@gmail.com> wrote:
I have done some research on detecting ssh bruteforce attacks. I found resource from hold my beer blog.

edx0004.

On Wed, Oct 23, 2019 at 3:49 PM Richard Bejtlich <richard@corelight.com> wrote:
Hello,

What research have you done so far?

Richard

On Wed, Oct 23, 2019 at 4:04 AM edX <edx0004@gmail.com> wrote:
Hello! I am an intermediate zeek user. I would like a walk-through on how i can use zeek to detect different types of attacks such as sql injection, ddos, man in the middle attacks and the likes.
Thanks.
_______________________________________________
Zeek mailing list
zeek@zeek.org
http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/zeek


--
Richard Bejtlich
Principal Security Strategist, Corelight


--
Richard Bejtlich
Principal Security Strategist, Corelight