[Bro-Dev] [JIRA] (BIT-1379) PE File Analyzer

Vlad Grigorescu (JIRA) jira at bro-tracker.atlassian.net
Sun Apr 19 19:12:00 PDT 2015

     [ https://bro-tracker.atlassian.net/browse/BIT-1379?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Vlad Grigorescu updated BIT-1379:
    Status: Merge Request  (was: Open)

> PE File Analyzer
> ----------------
>                 Key: BIT-1379
>                 URL: https://bro-tracker.atlassian.net/browse/BIT-1379
>             Project: Bro Issue Tracker
>          Issue Type: New Feature
>          Components: Bro
>            Reporter: Vlad Grigorescu
> topic/vladg/file-analysis-exe-analyzer has some fixes and cleanup of topic/seth/file-analysis-exe-analyzer in order to add a Portable Executable file analyzer. The branch has been pushed to bro, bro-testing and bro-testing-private.
> As one might expect, there's a ton of information in the PE file format. The code will only interpret the headers, but that information will still provide a lot of actionable data.
> I believe that this is ready and would be a good addition to 2.4, but as it wasn't previously discussed, we can punt on it if we have to.

This message was sent by Atlassian JIRA

More information about the bro-dev mailing list