Bro scripts & pcap samples
Walk through the samples using Bro IDS and CIF at Open Security Research: http://blog.opensecurityresearch.com/2014/03/identifying-malware-traffic-with-bro.html
References:
Catching “bayas” on the Wire: Practical Kung-Fu to detect Malware Traffic. SANS EU Forensic Summit: http://digital-forensics.sans.org/summit-archives/Prague_Summit/Catching_Bayas_on_the_wire_Ismael_Valenzuela.pdf
Liam Randall’s samples, exercises and scripts: https://github.com/LiamRandall
Toolsmith: Collective Intelligence Framework: http://holisticinfosec.blogspot.com.es/2012/07/toolsmith-collective-intelligence.html
The Bro Network Security Monitor: http://www.bro.org/index.html
Malware dumps and pcaps: http://contagiodump.blogspot.com.es
Collective Intelligence Framework: https://code.google.com/p/collective-intelligence-framework/
Security Onion: http://blog.securityonion.net
Remnux: http://zeltser.com/remnux/
by Ismael Valenzuela (@aboutsecurity)