marcin.dulak at ...11827...
Mon Apr 3 08:10:58 EDT 2017
pytbull -t ip-address-of-snort is run from the client machine and will send
the network traffic defined in the pytbull source code/config.cfg to snort.
The client wants ftp server running on snort in order to fetch the
This usage of pytbull is described at https://github.com/marcindu
Start from the pytbull setup ignoring the malicious payloads for the moment
(called clientSideAttacks in pytbull/conf/config.cfg),
and verify (e.g. with tcpdump on the client and snort) that pytbull
generates the expected traffic.
Later, if you also want to test whether snort detects malicious payloads
This shows the use of pytbull-server.py on the snort machine for opening a
reverse shell for downloading the malicious files from dropbox.
I BCC also the author of pytbull - maybe he is still active on that
On Mon, Apr 3, 2017 at 11:01 AM, Mojtaba Haghighipour <
moj.haghighipour at ...11827...> wrote:
> Thanks for your reply...
> It's a very good suggestion for me but how to work with it? I read the
> documentation page for that but didn't understand how to work with.
> How to configure server and client to start these tests?
> Sent from my BlackBerry 10 smartphone.
> *From: *Marcin Dulak
> *Sent: *Tuesday, March 14, 2017 02:36
> *To: *Mojtaba Haghighipour
> *Cc: *snort-users mailinglist
> *Subject: *Re: [Snort-users] dataset
> On Sat, Mar 11, 2017 at 8:00 PM, Mojtaba Haghighipour <
> moj.haghighipour at ...11827...> wrote:
>> My question is somewhat different from the others.
>> I need to test my snort IDS with a DataSet of packets that involves
>> malicious and benign data packets.
>> I found kdd cup and MIT university DataSets, but I need newer DataSet.
>> Is there anybody that can help me???
> try http://pytbull.sourceforge.net/ - it generates traffic directed at
> your snort sensor using various tools
> (nmap, hping, tcpreplay, hydra, nikto, ...) and creates a summary by
> parsing snort's alert -A fast fetched over ftp from the sensor.
> It can even download some malicious content from a dropbox account ...
>> thanks a lot ...
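The thread mentions that pytbull builds its summary by parsing snort's `alert -A fast` output. The sketch below shows that kind of check as an added example; it is not pytbull's code and not part of any message in this thread. The sample alert lines, SIDs, messages and addresses are constructed, and `parse_fast` and `summarize` are hypothetical names.

```python
import re
from collections import Counter

# Constructed sample of Snort "-A fast" output; SIDs, messages and the
# 192.0.2.0/24 documentation addresses are made up for this example.
SAMPLE = """\
03/14-02:36:01.120001  [**] [1:1000001:1] ICMP test ping [**] [Classification: Misc activity] [Priority: 3] {ICMP} 192.0.2.10 -> 192.0.2.20
03/14-02:36:02.450210  [**] [1:1000002:2] FTP login attempt [**] [Classification: Attempted User Privilege Gain] [Priority: 1] {TCP} 192.0.2.10:51234 -> 192.0.2.20:21
03/14-02:36:02.950311  [**] [1:1000002:2] FTP login attempt [**] [Classification: Attempted User Privilege Gain] [Priority: 1] {TCP} 192.0.2.10:51236 -> 192.0.2.20:21
03/14-02:36:05.000100  [**] [1:1000003:1] Local rule without classtype [**] [Priority: 0] {UDP} 192.0.2.10:40000 -> 192.0.2.20:53
this line is truncated and is not an alert
"""

# One fast-format alert per line; the year (snort -y) and the
# [Classification: ...] field are both optional.
FAST_RE = re.compile(
    r"^(?P<ts>\d\d/\d\d(?:/\d\d)?-\d\d:\d\d:\d\d\.\d+)\s+"
    r"\[\*\*\]\s+\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]\s+"
    r"(?:\[Classification:\s*(?P<cls>[^\]]*)\]\s+)?"
    r"\[Priority:\s*(?P<prio>\d+)\]\s+"
    r"\{(?P<proto>[^}]+)\}\s+"
    r"(?P<src>\S+)\s+->\s+(?P<dst>\S+)$"
)

def parse_fast(text):
    """Return (alerts, skipped): parsed alert dicts and the count of unparsable lines."""
    alerts, skipped = [], 0
    for line in filter(None, map(str.strip, text.splitlines())):
        m = FAST_RE.match(line)
        if m is None:
            skipped += 1  # keep count so log truncation does not go unnoticed
            continue
        alert = m.groupdict()
        alert["sid"], alert["prio"] = int(alert["sid"]), int(alert["prio"])
        alerts.append(alert)
    return alerts, skipped

def summarize(alerts, expected_sids):
    """Count alerts per SID and list the expected SIDs that never fired."""
    counts = Counter(a["sid"] for a in alerts)
    missed = sorted(set(expected_sids) - set(counts))
    return counts, missed

if __name__ == "__main__":
    alerts, skipped = parse_fast(SAMPLE)
    counts, missed = summarize(alerts, expected_sids=[1000001, 1000002, 1000004])
    for sid, n in sorted(counts.items()):
        print(f"sid {sid}: {n} alert(s)")
    print("expected but not seen:", missed, "| unparsable lines:", skipped)
```

Comparing the SIDs that fired against the SIDs the generated traffic was supposed to trigger is what turns a traffic replay into a detection test; a non-zero unparsable count usually means the alert file was fetched mid-write.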