[Bro] Exfil Framework Released
James Lay
jlay at slave-tothe-box.net
Wed Sep 10 12:39:32 PDT 2014
On 2014-09-10 13:14, Robert Rotsted wrote:
> Hi all,
>
> As announced at BroCon, Reservoir Labs just released the Exfil
> Framework on Github.
>
> The Exfil Framework is a suite of Bro scripts that detect file
> uploads
> in TCP connections. The Exfil Framework can detect file uploads in
> most TCP sessions including sessions that have encrypted payloads
> (SCP,SFTP,HTTPS).
>
> The scripts are located at:
>
> https://github.com/reservoirlabs/bro-scripts/tree/master/exfil-detection-framework
>
> Feel free to reach out to me if you have any questions, comments or
> suggestions for improvement.
>
> Best,
>
> Bob
Good stuff...thanks Bob.
James
More information about the Bro
mailing list