Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/scripts/base/frameworks/files
History
Seth Hall ee3e885712 Lots of fixes for file type identification. 
- Plain text now identified with BOMs for UTF8,16,32
   (even though 16 and 32 wouldn't get identified as plain text, oh-well)
 - X.509 certificates are now populating files.log with
   the mime type application/pkix-cert.
 - File signatures are split apart into file types
   to help group and organize signatures a bit better.
 - Normalized some FILE_ANALYSIS debug messages.
 - Improved Javascript detection.
 - Improved HTML detection.
 - Removed a bunch of bad signatures.
 - Merged a bunch of signatures that ultimately detected
   the same mime type.
 - Added detection for MS LNK files.
 - Added detection for cross-domain-policy XML files.
 - Added detection for SOAP envelopes.
2015-03-13 22:14:44 -04:00
..
magic Lots of fixes for file type identification. 2015-03-13 22:14:44 -04:00
__load__.bro Replace libmagic w/ Bro signatures for file MIME type identification. 2014-03-04 11:12:06 -06:00
main.bro Fixing analyzer tag types for some Files::* functions. 2015-02-08 18:23:22 -08:00
README Add README files for most Bro frameworks 2013-10-11 00:19:37 -05:00

README 

The file analysis framework provides an interface for driving the analysis
of files, possibly independent of any network protocol over which they're
transported.