Threat Hunting with Python and Bro IDS Part 3: Taming SMB

This is the third part of a series I originally posted on the Dragos Blog. 2017 was a busy year for attackers. Between the WannaCry/Petya/Bad Rabbit ransomware, GOP hacks, Game of Thrones/HBO hacks, Equifax breach and the TRISIS malware that targeted industrial control safety systems in the Middle East, many new proven attack scenarios developed that …

Simplifying Bro IDS Log Parsing with ParseBroLogs

This week I pushed a Python package to pip to simplify parsing logs from the Bro Intrusion Detection System. This package works on both Python 2 and Python 3. You can use the following command to install the utility in your environment: pip install parsebrologs. Additional examples and the source code are available on GitHub. Motivation: …
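To show what a parser for Bro's ASCII log format actually has to handle, here is a minimal stand-alone parser added as an example for this page; it is not the parsebrologs package's own code and makes no assumptions about that package's API. It reads the `#separator`, `#set_separator`, `#empty_field`, `#unset_field`, `#fields` and `#types` header lines that Bro writes at the top of every log, converts each column according to its declared type (unset `-` becomes `None`, `(empty)` becomes an empty string or list, `set[...]` columns are split on the set separator), and then runs a small SMB fan-out check over the result. The two-line conn.log embedded below is constructed sample data, not a real capture.

```python
"""Minimal parser for Bro/Zeek ASCII TSV logs (added example, not parsebrologs itself)."""
import codecs
from typing import Any, Dict, List, Set

# Constructed sample conn.log trimmed to a few columns. Real conn.log files
# carry more fields, but the header/record layout is the same.
SAMPLE_CONN_LOG = "\n".join([
    "#separator \\x09",               # literally "#separator \x09" in the file
    "#set_separator\t,",
    "#empty_field\t(empty)",
    "#unset_field\t-",
    "#path\tconn",
    "#open\t2018-01-07-12-00-00",
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\tservice"
    "\tduration\torig_bytes\tresp_bytes\tconn_state\ttunnel_parents",
    "#types\ttime\tstring\taddr\tport\taddr\tport\tenum\tstring"
    "\tinterval\tcount\tcount\tstring\tset[string]",
    "1515326400.123456\tC1abc2def\t10.0.0.5\t49152\t10.0.0.20\t445\ttcp\tsmb"
    "\t12.5\t4096\t1024\tSF\t(empty)",
    "1515326401.000000\tC2ghi3jkl\t10.0.0.5\t49153\t10.0.0.21\t445\ttcp\t-"
    "\t-\t-\t-\tS0\tC9tun1,C9tun2",
    "#close\t2018-01-07-12-05-00",
])


def _convert(value: str, bro_type: str, meta: Dict[str, str]) -> Any:
    """Map one raw column string to a Python value using Bro's declared type."""
    if value == meta["unset_field"]:
        return None                      # field was never set on this record
    if bro_type.startswith(("set[", "vector[")):
        if value == meta["empty_field"]:
            return []
        inner = bro_type[bro_type.index("[") + 1:-1]
        return [_convert(v, inner, meta) for v in value.split(meta["set_separator"])]
    if value == meta["empty_field"]:
        return ""
    if bro_type in ("count", "int", "port"):
        return int(value)
    if bro_type in ("time", "interval", "double"):
        return float(value)
    if bro_type == "bool":
        return value == "T"
    return value                         # string, addr, enum, subnet: keep as text


def parse_bro_log(text: str) -> List[Dict[str, Any]]:
    """Parse one Bro ASCII log into a list of typed dicts keyed by field name."""
    meta = {"separator": "\t", "set_separator": ",",
            "empty_field": "(empty)", "unset_field": "-"}
    fields: List[str] = []
    types: List[str] = []
    records: List[Dict[str, Any]] = []
    for line in text.splitlines():
        if not line:
            continue
        if line.startswith("#separator"):
            # Written as "#separator \x09": a space, then an escaped byte.
            meta["separator"] = codecs.decode(line.split(" ", 1)[1], "unicode_escape")
            continue
        if line.startswith("#"):
            key, _, val = line[1:].partition(meta["separator"])
            if key in ("set_separator", "empty_field", "unset_field"):
                meta[key] = val
            elif key == "fields":
                fields = val.split(meta["separator"])
            elif key == "types":
                types = val.split(meta["separator"])
            continue                     # #path, #open, #close carry no record data
        values = line.split(meta["separator"])
        if len(values) != len(fields):
            raise ValueError(f"expected {len(fields)} columns, got {len(values)}: {line!r}")
        col_types = types or ["string"] * len(fields)
        records.append({f: _convert(v, t, meta) for f, v, t in zip(fields, values, col_types)})
    return records


def smb_fanout(records: List[Dict[str, Any]]) -> Dict[str, Set[str]]:
    """Map each source host to the set of hosts it contacted on TCP/445.

    A single workstation reaching many SMB servers in a short window is one of
    the simplest lateral-movement indicators to pull out of conn.log.
    """
    fanout: Dict[str, Set[str]] = {}
    for r in records:
        if r["proto"] == "tcp" and r["id.resp_p"] == 445:
            fanout.setdefault(r["id.orig_h"], set()).add(r["id.resp_h"])
    return fanout


if __name__ == "__main__":
    conns = parse_bro_log(SAMPLE_CONN_LOG)
    for src, dsts in smb_fanout(conns).items():
        print(f"{src} -> {len(dsts)} SMB server(s): {sorted(dsts)}")
```

The per-type conversion is the part that pays off in a hunt: comparing `id.resp_p == 445` against an int, and getting `None` rather than the string `"-"` for an unset `service`, removes a whole class of silent filter mismatches when these records are fed into pandas or plain Python comparisons.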