[Bro] testing performances of binpac's parser
Bortoli, Tomas
tomas.bortoli at sit.fraunhofer.de
Fri Sep 22 02:30:57 PDT 2017
Thanks, I'll check that out!
Tomas
________________________________________
From: Johanna Amann [johanna at icir.org]
Sent: Thursday, September 21, 2017 6:02 PM
To: Bortoli, Tomas
Cc: bro at bro.org
Subject: Re: [Bro] testing performances of binpac's parser
Hi,
> I would like to test a binpac's generated parser that I wrote. Is there
> a handy way to get the C++ code running on some payload of my choice? I
> guess there is but it would be helpful if somebody gives a hint on where
> to start!
I actually recently did this for a research project where I used binpac to
parse a X.509 data structure in a standalone project. The source code is
up here: https://github.com/0xxon/sct-utils
The interesting utility is extractSCT. Note that to be able to use binpac
completely without Bro you need to patch binpac.h a little bit; if I
remember it correctly it does include Bro header files by default (that
are not really necessary in a standalone utility).
I hope this helps,
Johanna
More information about the Bro
mailing list