General

Profile

Brandon Murphy

  • Login: zoomequipd
  • Registered on: 09/17/2019
  • Last connection: 06/15/2023

Issues

open closed Total
Assigned issues 0 0 0
Reported issues 21 16 37

Activity

08/31/2023

07:56 PM Suricata Feature #6290 (New): support case insensitive testing of HTTP header name existence
Consider the initial opening comment on https://redmine.openinfosecfoundation.org/issues/5774.
Many rules are wri...
Brandon Murphy
06:37 PM Suricata Feature #5775: http.headers - dynamic sticky buffers
Brandon Murphy wrote in #note-8:
> Just another random thought I just had - how would/will negations work when the H...
Brandon Murphy

08/02/2023

06:31 PM Suricata Feature #2695: websocket support
just another example of a RAT using websockets
https://asec.ahnlab.com/en/52899/
Source Code: https://github.co...
Brandon Murphy

06/23/2023

05:25 PM Suricata Bug #5439: Invalid certificate when Issuer is not present.
Tested against RC3-Dev (643e674cb 2023-06-16) and I was **not** able to replicate. So looks fixed in suri7.... Brandon Murphy

06/20/2023

12:31 PM Suricata Bug #2881: http.protocol parsing inaccuracy : accept spaces in URI
> Would not the solution rather be to consider the URI before the last block of spaces ? (even the raw one)
When i...
Brandon Murphy

06/15/2023

04:58 PM Suricata Bug #2881: http.protocol parsing inaccuracy : accept spaces in URI
I was testing the v16 fork of this and found a difference between 6.0.9 and v16. I was able to confirm the same beha... Brandon Murphy

05/19/2023

09:11 PM Suricata Support #5774: Addressing Mixed Case in HTTP Headers Names and HTTP2
> You want your rules to match both HTTP/1 and HTTP/2 while these have different capitalization for headers names, do... Brandon Murphy
02:00 PM Suricata Feature #5775: http.headers - dynamic sticky buffers
Just another random thought I just had - how would/will negations work when the HTTP header name doesn't exist? refer... Brandon Murphy

05/04/2023

03:59 PM Suricata Feature #2448: Add additional buffers for DNS Responses
It would be nice to have all dns flags parsed as well
perhaps like a dns.flags.z, dns.flags.replycode, etc
doin...
Brandon Murphy

05/03/2023

02:44 PM Suricata Bug #2224: Negated http_* match returns false if buffer not populated
Basic rules for multiple HTTP request rules and associated pcaps for testing.... Brandon Murphy

Also available in: Atom