New Sguil and Metasploit Releases

Bamm just released Sguil 0.5.1. This is a lot more than a bug fix release. There are some cool new features in Sguil 0.5.1, like enhanced reporting options, regular expression matching for the autocat function, and searching packet payloads in the client. I will update my installation guide soon, probably by next week. The only major installation issue involves a change in directory structures to support multiple Sguil installations on a single sensor.

Incidentally, it appears the Prelude project has been taking a look at Sguil features. I cover Prelude in chapter 9 of my book, based on help from the Prelude team and their documentation folks at Dreamlab.

Also, the Metasploit Framework has released version 2.2. The Framework page shows new exploits which have been added.

Update: Sguil 0.5.2 was just released on 12 Aug to fix a bug in the autocat function, so don't bother with 0.5.1, as detailed in the CHANGES file.

Comments

Anonymous said…
Good soft for network security analysts
