[Bro] ssdeep hashing
Mark Buchanan
mabuchan at gmail.com
Thu Aug 11 06:02:30 PDT 2016
I'm curious (and will admit, I haven't checked source), but is there a framework for handling hashing/file analysis, to allow for extensibility/experimentation with different mechanisms? Or is all the current hashing "hard coded"? Is this something that Bro threads, so it scales better?
--
Mark Buchanan
> On Aug 11, 2016, at 07:30, David Hoelzer <dhoelzer at enclaveforensics.com> wrote:
>
> Sounds like an interesting plugin to write.
>
> From: [mailto:bro-bounces at bro.org] On Behalf Of philosnef
> Sent: Thursday, August 11, 2016 7:56 AM
> To: bro at bro.org
> Subject: [Bro] ssdeep hashing
>
> Is there anything out there Bro wise that can do ssdeep hashing? Thanks.
>
> _______________________________________________
>
> Bro mailing list
>
> bro at bro-ids.org
>
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20160811/c4344f00/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2182 bytes
Desc: not available
Url : http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20160811/c4344f00/attachment.bin
More information about the Bro
mailing list