Skip to content

aboutsecurity/Bro-samples

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
CIF
CIF
 
 
sample1
sample1
 
 
sample2
sample2
 
 
sample3
sample3
 
 
sample4
sample4
 
 
scripts
scripts
 
 
README.md
README.md
 
 

Repository files navigation

Bro-samples

Bro scripts & pcap samples

Walk-through the samples using Bro IDS and CIF at Open Security Research: http://blog.opensecurityresearch.com/2014/03/identifying-malware-traffic-with-bro.html

References:

Catching “bayas” on the Wire: Practical. Kung-Fu to detect Malware Traffic. SANS EU Forensic Summit: http://digital-forensics.sans.org/summit-archives/Prague_Summit/Catching_Bayas_on_the_wire_Ismael_Valenzuela.pdf

Liam Randall’s samples, exercises and scripts: https://github.com/LiamRandall

Toolsmith: Collective Intelligence Framework: http://holisticinfosec.blogspot.com.es/2012/07/toolsmith-collective-intelligence.html

The Bro Network Security Monitor: http://www.bro.org/index.html

Malware dumps and pcaps: http://contagiodump.blogspot.com.es

Collective Intelligence Framework: https://code.google.com/p/collective-intelligence-framework/

Security Onion: http://blog.securityonion.net

Remnux: http://zeltser.com/remnux/

by Ismael Valenzuela (@aboutsecurity)

About

Network Forensics Bro scripts & pcap samples

Resources

Readme
Activity

Stars

63 stars

Watchers

7 watching

Forks

8 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages