Open Information Security Foundation

08/10/2025

11:26 AM Suricata Feature #7844 (New): websocket: add option to log payloads in Eve websocket events

Currently `SCWebSocketLoggerLog` hardcodes `pp` and `pb64` as `false`.
An user can only dumps websocket payloads wit... A. IOOSS

09:00 AM Suricata Bug #7843 (Resolved): HTTP dissection anomaly on `Content-Encoding: identity`

During an attack-defense CTF, I captured the following exchange between a Python HTTPX client and an ASP.NET server (... A. IOOSS

07/20/2025

07:21 PM Suricata Bug #7824: hyperscan: caching results in segfault with link time optimization (-flto=auto, etc)

The rule engine is buggy when using hyperscan. This can be reproduced on a fresh Ubuntu 24.04 install, with the same ... A. IOOSS

10:02 AM Suricata Bug #7824 (Closed): hyperscan: caching results in segfault with link time optimization (-flto=auto, etc)

Ubuntu 24.04LTS, with https://launchpad.net/~oisf/+archive/ubuntu/suricata-stable PPA
`apt policy suricata` shows:... A. IOOSS

08/29/2024

04:41 PM Suricata Bug #7169: lua/output: vendored lua search for modules in /usr/local/ rather than /usr/

Make sense! In that case shouldn't the Lua engine have an empty search path rather than /usr/local/share/lua/5.4/? Ar... A. IOOSS

07/13/2024

05:14 PM Suricata Bug #7169 (Closed): lua/output: vendored lua search for modules in /usr/local/ rather than /usr/

I am trying Suricata 8.0.0-dev on current master and I am noticing that the new builtin Lua engine does not use the s... A. IOOSS