Hello, I am quite new to Bro and need some help. I did go through some of the documentation and some source code but still not clear whether its possible to achieve what we are trying to do.
In a nutshell, we are trying to write an HTTPS analyzer for on the fly decryption of the SSL stream and then feed it to the built in HTTP Analyzer. We will use a crypto library + server keys to achieve the decryption. Is it possible at all do this in Bro? The high level idea is to derive the HTTPS_Analyzer from the current HTTP_Analyzer, feed the stream from TCP_Analyzer into the HTTPS_Analyzer and utilize the HTTP_Analyzer calls for the remainder of the functionality. Thanks for your help, NB
_______________________________________________ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev