[Bro] Bro Script to detect plain text passwords?

Jeff Hammett jeff at jeffhammett.com
Tue Nov 4 15:24:02 PST 2014

I recently demo’d Tenable’s Passive Vulnerability Scanner, but found that it wasn’t a good fit for my environment. However it did have one nice feature I liked, the ability to detect passwords sent in plain text.

Does Bro have this functionality? Or would it be feasible to write a script to do so? (I haven’t written any scripts yet, but am interested).

I think I would be most interested in detecting plain text passwords used for http logins, but wouldn’t mind monitoring for other protocols as well.


More information about the Bro mailing list