Detect credit card numbers in HTTP and SMTP with Zeek. This script only works with Zeek 3.0+.
zkg refresh zkg install sethhall/credit-card-exposure
cd <prefix>/share/zeek/site/ git clone git://github.com/sethhall/credit-card-exposure.git echo "@load credit-card-exposure/scripts/" >> local.zeek
After the credit-card-exposure module is loaded, follow the configuration examples below.
The only interesting configuration available for users is for log redaction. The default is conservative to avoid creating more sensitive data so notices and logs are redacted by default. If you would like to change this setting, you can add the following line to your local site configuration script after loading the module:
redef CreditCardExposure::redact_log = F;