Hello
I’m running Bro in my network, and I want to perform attacks to test its capabilities and create alert information.
I choose to use SYN Flood Attack and ARP Spoofing Attack, can anyone tell me where to find these scripts?
Any help would be great. Thank You.
It looks like there’s a syn flood detection script here: http://www.gnu-darwin.org/www001/src/ports/security/bro/work/bro-1.2.1/policy/synflood.bro
and an arp spoofing detection script here: https://github.com/maxfeldman14/brospects/blob/master/arpspoof.bro
But I’m not sure if there is anything more up-to-date.