trietptm/extract-files.bro

Forked from danzajork/extract-files.bro

Created December 2, 2019 07:22

Star 0 You must be signed in to star a gist
Fork 0 You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/trietptm/2c84409ead68034c2e999e7b22fb0c55.js"></script>
Save trietptm/2c84409ead68034c2e999e7b22fb0c55 to your computer and use it in GitHub Desktop.

Download ZIP

bro script to extract all files to disk

Raw

extract-files.bro

	##! Extract all files to disk.

	@load base/files/extract

	event file_new(f: fa_file)
	{
	Files::add_analyzer(f, Files::ANALYZER_EXTRACT);
	}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment