Vlad Grigorescu created BIT-1379:
------------------------------------

Summary: PE File Analyzer
Key: BIT-1379
URL: https://bro-tracker.atlassian.net/browse/BIT-1379
Project: Bro Issue Tracker
Issue Type: New Feature
Components: Bro
Reporter: Vlad Grigorescu

topic/vladg/file-analysis-exe-analyzer has some fixes and cleanup of topic/seth/file-analysis-exe-analyzer in order to add a Portable Executable file analyzer. The branch has been pushed to bro, bro-testing and bro-testing-private.

As one might expect, there's a ton of information in the PE file format. The code will only interpret the headers, but that information will still provide a lot of actionable data.

I believe that this is ready and would be a good addition to 2.4, but as it wasn't previously discussed, we can punt on it if we have to.