bro-config
passive network traffic analyzer
Install
- All systems
-
curl cmd.cat/bro-config.sh
- Debian
-
apt-get install bro - Ubuntu
-
apt-get install bro - Kali Linux
-
apt-get install bro - Fedora
-
dnf install bro-core - Windows (WSL2)
-
sudo apt-get updatesudo apt-get install bro - OS X
-
brew install bro - Raspbian
-
apt-get install bro - Dockerfile
- dockerfile.run/bro-config
bro
passive network traffic analyzer
Bro is primarily a security monitor that inspects all traffic on a link in depth for signs of suspicious activity. More generally, however, Bro supports a wide range of traffic analysis tasks even outside of the security domain, including performance measurements and helping with trouble-shooting. Bro comes with built-in functionality for a range of analysis and detection tasks, including detecting malware by interfacing to external registries, reporting vulnerable versions of software seen on the network, identifying popular web applications, detecting SSH brute-forcing, validating SSL certificate chains, among others.