TryHackMe | Zeek

To access material, start machines and answer questions login.

Zeek logo.

(formerly Bro) is an open-source and commercial network monitoring tool (traffic analyser).

The official description; (opens in new tab) " (formerly Bro) is the world's leading platform for network security monitoring. Flexible, open-source, and powered by defenders." " is a passive, open-source network traffic analyser. Many operators use as a network security monitor () to support suspicious or malicious activity investigations. also supports a wide range of traffic analysis tasks beyond the security domain, including performance measurement and troubleshooting."

The room aims to provide a general network monitoring overview and work with to investigate captured traffic. This room will expect you to have basic familiarity and Network fundamentals (ports, protocols and traffic data). We suggest completing the "Network Fundamentals" path before starting working in this room.

A is attached to this room. You don't need or ; the room provides a "Split View" feature. Exercise files are located in the folder on the desktop. Log cleaner script "clear-logs.sh" is available in each exercise folder.

VM and interactive exercise materials.

Answer the questions below

Read the task above.

Ready to learn Cyber Security?

The Zeek room is only available for premium users. Signup now to access more than 500 free rooms and learn cyber security through a fun, interactive learning environment.

Already have an account? Log in

Zeek

Task 1IntroductionTask includes a deployable machine

Task 2Network Security Monitoring and ZeekPremium

Task 3Zeek LogsPremium

Task 4CLI Kung-Fu Recall: Processing Zeek LogsPremium

Task 5Zeek SignaturesPremium

Task 6Zeek Scripts | FundamentalsPremium

Task 7Zeek Scripts | Scripts and SignaturesPremium

Task 8Zeek Scripts | FrameworksPremium

Task 9Zeek Scripts | PackagesPremium

Task 10ConclusionPremium

Ready to learn Cyber Security?