Skip to content

malice-plugins/bro

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
docs
docs
 
 
test
test
 
 
.dockerignore
.dockerignore
 
 
.gitignore
.gitignore
 
 
CHANGELOG.md
CHANGELOG.md
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
VERSION
VERSION
 
 
circle.yml
circle.yml
 
 
scan.go
scan.go
 
 

Repository files navigation

malice-bro (WIP)

Circle CI License Docker Stars Docker Pulls Docker Image

Malice Bro Plugin - Scan PCAP or bind to interface and scan files off the wire.

Dependencies

Installation

  1. Install Docker.
  2. Download trusted build from public DockerHub: docker pull malice/bro

Usage

docker run --rm malice/bro

Or link your own malware folder:

$ docker run --rm -v /path/to/malware:/malware:ro malice/bro PCAP

Sample Output

JSON:

{
  "bro": {
  }
}

STDOUT (Markdown Table):

Bro

Documentation

Issues

Find a bug? Want more features? Find something missing in the documentation? Let me know! Please don't hesitate to file an issue.

CHANGELOG

See CHANGELOG.md

Contributing

See all contributors on GitHub.

Please update the CHANGELOG.md and submit a Pull Request on GitHub.

License

MIT Copyright (c) 2016-2017 blacktop

About

Malice Bro Plugin

Topics

plugin docker malware bro network-monitoring malice bro-ids

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

3 stars

Watchers

4 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages