[Bro-Dev] [JIRA] (BIT-1379) PE File Analyzer
Robin Sommer (JIRA)
jira at bro-tracker.atlassian.net
Mon Apr 20 16:09:00 PDT 2015
[ https://bro-tracker.atlassian.net/browse/BIT-1379?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robin Sommer reassigned BIT-1379:
---------------------------------
Assignee: Robin Sommer
> PE File Analyzer
> ----------------
>
> Key: BIT-1379
> URL: https://bro-tracker.atlassian.net/browse/BIT-1379
> Project: Bro Issue Tracker
> Issue Type: New Feature
> Components: Bro
> Reporter: Vlad Grigorescu
> Assignee: Robin Sommer
>
> topic/vladg/file-analysis-exe-analyzer has some fixes and cleanup of topic/seth/file-analysis-exe-analyzer in order to add a Portable Executable file analyzer. The branch has been pushed to bro, bro-testing and bro-testing-private.
> As one might expect, there's a ton of information in the PE file format. The code will only interpret the headers, but that information will still provide a lot of actionable data.
> I believe that this is ready and would be a good addition to 2.4, but as it wasn't previously discussed, we can punt on it if we have to.
--
This message was sent by Atlassian JIRA
(v6.5-OD-01-120#65000)
More information about the bro-dev
mailing list