Thursday, June 29, 2017

Bro Package Manager: list of packages

While we’re in the process of developing a web site for the Bro Package Manager project, we’d like to share the packages we have collected so far. The package names and a short description are listed below. 

Source: https://github.com/bro/packages
To learn how to use the Package Manager, see our documentation. 


| Contributor | Package Name | Description |
|---|---|---|
| jsiwek | | An example Bro package for testing purposes |
| 0xxon | | PostgreSQL reader and writer for Bro |
| 0xxon | | Two-dimensional buckets for sumstats (count occurrences per $str) |
| Corelight | | Find and log long-lived connections into a "conn_long" log |
| dopheide | | Adds support for multi-notice correlation |
| dopheide | | The Linux VENOM rootkit |
| Hhzzk | | Detect DNS tunnel attacks |
| initconf | | Detection for Apache Struts recon and compromise |
| initconf | | Phish email analysis |
| initconf | | Scan-detection policies for Bro |
| j-gras | | Additional JSON-logging for Bro |
| j-gras | | This plugin provides native AF_Packet support for Bro |
| j-gras | | Extensions for Bro's intelligence framework |
| joesecurity | | Extracts files from your internet connection and analyzes them automatically on Joe Sandbox |
| jonzeolla | | Modified version of scan.bro to add destination IP sampling |
| jswaro/tcprs - TCP | | TCP Retransmission and State Analyzer plugin for Bro |
| Ncsa | | A broctl plugin that helps you set up capture interfaces |
| pgaulon | | Bro Notices through Slack webhook |
| Scebro | | LDAP write operations analyzer for Bro |
| sethhall | | Packet source plugin that provides native Myricom SNF v3+v4 support |
| sethhall | | Detect credit card numbers in HTTP and SMTP with Bro |
| sethhall | | Bro script library for getting the effective TLD of a domain |
| sethhall | | Detect US Social Security numbers in HTTP and SMTP with Bro |
| srozb | | Find and notice DNS zone transfer attempts |
| theflakes | | Raise notices on outgoing files over X bytes in size |
