[Bro-Dev] [Bro-Commits] [git/bro] topic/seth/libinjection: Integration with libinjection (https://github.com/client9/libinjection) (9ee6dff)
vallentin at icir.org
Wed Jul 3 13:53:29 PDT 2013
> - This is only for show. I did a tiny bit of testing with real
> network traffic and there were way too many false positives for
> this to be really useful. I'm not going to be filing a merge
> request for this.
Very useful to know! I was about to offer a student to investigate the
efficacy of libinjection, but given the high FPs, I am less excited
about it. Do you think it's possible to improve on the FP rate or is
the "model" hardcoded in the library?
More information about the bro-dev