User Tools

Site Tools


lua:start

Getting started with Trisul LUA Scripting

Using plain LuaJIT you can extend Trisul's functionality in a number of ways.

Concepts

Skeleton Lua scripts you can copy and fill out

LUA Script selector - to help you pick the type of scripting API you need to use to accomplish a variety of tasks

Bro IDS scripting vs Trisul scripting

How to structure your scripts

Tutorials

Links to step by step tutorials

LuaJIT tips

Techniques

Explains various programming techniques with real examples.

UA-Parser

QUIC analyzer

A G-QUIC (Google QUIC) analyzer that parses a UDP-443 protocol, extracts indicators, and certificates. Learn how to use LuaJIT FFI to work with decompression, BITMAUL to parse protocols, etc.

Explains the Trisul Google QUIC protocol analyzer script

lua/start.txt · Last modified: 2018/12/13 11:41 by veera