[Bro] Bro Package Manager: list of packages
Dopheide, Jeannette M
jdopheid at illinois.edu
Wed Jun 28 12:11:37 PDT 2017
Attention Bro Community,
While we’re in the process of developing a web site for the Bro Package Manager project, we’d like to share the packages we have collected so far. The package names and a short description are listed below:
bro/0xxon/bro-postgresql - A PostgreSQL reader and writer for Bro.
bro/0xxon/bro-sumstats-counttable - Two-dimensional buckets for sumstats (count occurences per $str).
bro/corelight/bro-long-connections - Find and log long-lived connections into a "conn_long" log.
bro/dopheide/bro_notice_correlation - Adds support for multi-notice correlation.
bro/dopheide/venom (installed: master) - https://security.web.cern.ch/security/venom.shtml
bro/hhzzk/dns-tunnels - Detect DNS Tunnels attack.
bro/initconf/CVE-2017-5638_struts.git
bro/initconf/phish-analysis.git
bro/initconf/scan-NG
bro/j-gras/add-json - Additional JSON-logging for Bro.
bro/j-gras/bro-af_packet-plugin - This plugin provides native AF_Packet support for Bro.
bro/j-gras/intel-extensions - Extensions for Bro's intelligence framework.
bro/joesecurity/Joe-Sandbox-Bro - JoeSandbox-Bro extracts files from your internet connection and analyzes them automatically on Joe Sandbox.
bro/jonzeolla/scan-sampling - Modified version of scan.bro to add destination IP sampling.
bro/jsiwek/bro-test-package - An example Bro package for testing purposes.
bro/jswaro/tcprs - TCP Retransmission and State Analyzer plugin for Bro.
bro/ncsa/bro-interface-setup - A broctl plugin that helps you setup capture interfaces
bro/pgaulon/bro-notice-slack - Bro Notices through Slack webhook
bro/scebro/ldap-analyzer - LDAP write operations analyzer for Bro.
bro/sethhall/bro-myricom - Packet source plugin that provides native Myricom SNF v3+v4 support.
bro/sethhall/credit-card-exposure - Detect credit card numbers in HTTP and SMTP with Bro.
bro/sethhall/domain-tld
bro/sethhall/ssn-exposure - Detect US Social Security numbers in HTTP and SMTP with Bro.
bro/srozb/dns_axfr - Find and notice DNS zone transfer attempts.
bro/theflakes/bro-large_uploads - Raise notices on outgoing files over X bytes in size.
To learn how to use the Package Manager, see our documentation here:
http://bro-package-manager.readthedocs.io/en/stable/index.html
------
Jeannette Dopheide
Training and Outreach Coordinator
National Center for Supercomputing Applications
University of Illinois at Urbana-Champaign
More information about the Bro
mailing list