[Bro-Dev] [JIRA] (BIT-1379) PE File Analyzer

Vlad Grigorescu (JIRA) jira at bro-tracker.atlassian.net
Sun Apr 19 19:12:00 PDT 2015


     [ https://bro-tracker.atlassian.net/browse/BIT-1379?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Vlad Grigorescu updated BIT-1379:
---------------------------------
    Status: Merge Request  (was: Open)

> PE File Analyzer
> ----------------
>
>                 Key: BIT-1379
>                 URL: https://bro-tracker.atlassian.net/browse/BIT-1379
>             Project: Bro Issue Tracker
>          Issue Type: New Feature
>          Components: Bro
>            Reporter: Vlad Grigorescu
>
> topic/vladg/file-analysis-exe-analyzer has some fixes and cleanup of topic/seth/file-analysis-exe-analyzer in order to add a Portable Executable file analyzer. The branch has been pushed to bro, bro-testing and bro-testing-private.
> As one might expect, there's a ton of information in the PE file format. The code will only interpret the headers, but that information will still provide a lot of actionable data.
> I believe that this is ready and would be a good addition to 2.4, but as it wasn't previously discussed, we can punt on it if we have to.



--
This message was sent by Atlassian JIRA
(v6.4-OD-16-006#64014)


More information about the bro-dev mailing list