[Bro-Dev] [JIRA] (BIT-1379) PE File Analyzer

Vlad Grigorescu (JIRA) jira at bro-tracker.atlassian.net
Sun Apr 19 19:12:00 PDT 2015

Vlad Grigorescu created BIT-1379:

             Summary: PE File Analyzer
                 Key: BIT-1379
                 URL: https://bro-tracker.atlassian.net/browse/BIT-1379
             Project: Bro Issue Tracker
          Issue Type: New Feature
          Components: Bro
            Reporter: Vlad Grigorescu

topic/vladg/file-analysis-exe-analyzer has some fixes and cleanup of topic/seth/file-analysis-exe-analyzer in order to add a Portable Executable file analyzer. The branch has been pushed to bro, bro-testing and bro-testing-private.

As one might expect, there's a ton of information in the PE file format. The code will only interpret the headers, but that information will still provide a lot of actionable data.

I believe that this is ready and would be a good addition to 2.4, but as it wasn't previously discussed, we can punt on it if we have to.
