[Bro] Exfil Framework Released
Robert Rotsted
rotsted at reservoir.com
Wed Sep 10 12:14:24 PDT 2014
Hi all,
As announced at BroCon, Reservoir Labs just released the Exfil
Framework on GitHub.
The Exfil Framework is a suite of Bro scripts that detect file uploads
in TCP connections. The Exfil Framework can detect file uploads in
most TCP sessions, including sessions that have encrypted payloads
(SCP, SFTP, HTTPS).
The scripts are located at:
https://github.com/reservoirlabs/bro-scripts/tree/master/exfil-detection-framework
Feel free to reach out to me if you have any questions, comments or
suggestions for improvement.
Best,
Bob
--
Bob Rotsted
Senior Engineer
Reservoir Labs, Inc.