Differences

This shows you the differences between two versions of the page.

--- lua:examples [2018/12/22 18:11] – created veera
+++ lua:examples [2018/12/22 18:29] (current) – [QUIC analyzer] veera
@@ Line 1: / Line 1: @@
 ====== Script examples ======
 Explains various programming techniques with real examples.
-==== UA-Parser ====
+===== Where to find more Trisul scripts =====
+The following locations contain working Trisul LUA scripts
+  - [[https://github.com/trisulnsm/apps/tree/master/analyzers|Trisul Apps]]  :  Working scripts ready to install in production environments as Trisul APPS
+  - [[https://github.com/trisulnsm/trisul-scripts|Trisul-Scripts]] - Samples in the trisul-scripts repository
+  - [[https://github.com/trisulnsm/bitmaul/tree/master/examples|BITMAUL examples]] - Protocol dissection LUA scripts
+===== UA-Parser =====
+Demonstrates how to scan Intel artifacts against hundreds of regexes using Google RE2
 [[lua:ua-parser|Trisul script to use UA-Parser regex to track HTTP User Agents]]
-==== QUIC analyzer ====
+===== QUIC analyzer =====
 A G-QUIC (Google QUIC) analyzer that parses a UDP-443 protocol, extracts indicators, and certificates. Learn how to use LuaJIT FFI to work with decompression, BITMAUL to parse protocols, etc.
 [[lua:quic|Explains the Trisul Google QUIC protocol analyzer script]]
+===== Strelka  =====
+Strelka is a file scanning framework. This little script integrates Trisul File Extraction with Strelka scanning. The scan results in the form of JSON is fed back into Trisul as resources for search, alerting, or analysis.
+[[lua:strelka|Send files extracted from network to a Strelka cluster and feed back results]]