Getting started with Trisul LUA Scripting

Using plain LuaJIT you can extend Trisul's functionality in a number of ways.


Skeleton Lua scripts you can copy and fill out

LUA Script selector - to help you pick the type of scripting API you need to use to accomplish a variety of tasks

Bro IDS scripting vs Trisul scripting

How to structure your scripts


Links to step by step tutorials

LuaJIT tips


Explains various programming techniques with real examples.


QUIC analyzer

A G-QUIC (Google QUIC) analyzer that parses a UDP-443 protocol, extracts indicators, and certificates. Learn how to use LuaJIT FFI to work with decompression, BITMAUL to parse protocols, etc.

Explains the Trisul Google QUIC protocol analyzer script

