- Is the repository going to be maintain and updated
e.g new attacks and categories techniques ?
To be determined. We may do some small updates in the near future. Contributions from the Zeek community are welcome, and I believe we’ll be able to incorporate community contributions.
- Second isn’t possible to detect pth attack throught
Pass-the-Hash (pth) was not in the initial scope of the BZAR work. I think it would be great to add it, but I haven’t done a market survey to see if anyone else has already developed pth detection for Zeek.