While we’re in the process of developing a web site for the Bro Package Manager project, we’d like to share the packages we have collected so far. The package names and a short description are listed below. 


Source: https://github.com/bro/packages
To learn how to use the Package Manager, see our documentation. 

| Contributor | Package Name | Description |
|---|---|---|
| jsiwek | | An example Bro package for testing purposes |
| 0xxon | | PostgreSQL reader and writer for Bro |
| 0xxon | | Two-dimensional buckets for sumstats (count occurrences per $str) |
| Corelight | | Find and log long-lived connections into a “conn_long” log |
| dopheide | | Adds support for multi-notice correlation |
| dopheide | | The Linux VENOM rootkit |
| Hhzzk | | Detect DNS Tunnels attack |
| initconf | | Detection for Apache Struts recon and compromise |
| initconf | | Phish email analysis |
| initconf | | Scan-detection policies for Bro |
| j-gras | | Additional JSON-logging for Bro |
| j-gras | | This plugin provides native AF_Packet support for Bro |
| j-gras | | Extensions for Bro’s intelligence framework |
| joesecurity | | Extracts files from your internet connection and analyzes them automatically on Joe Sandbox |
| jonzeolla | | Modified version of scan.bro to add destination IP sampling |
| jswaro/tcprs – TCP | | TCP Retransmission and State Analyzer plugin for Bro |
| Ncsa | | A broctl plugin that helps you set up capture interfaces |
| pgaulon | | Bro Notices through Slack webhook |
| Scebro | | LDAP write operations analyzer for Bro |
| sethhall | | Packet source plugin that provides native Myricom SNF v3+v4 support |
| sethhall | | Detect credit card numbers in HTTP and SMTP with Bro |
| sethhall | | Bro script library for getting the effective TLD of a domain |
| sethhall | | Detect US Social Security numbers in HTTP and SMTP with Bro |
| srozb | | Find and notice DNS zone transfer attempts |
| theflakes | | Raise notices on outgoing files over X bytes in size |
