cert2bro.py - Converts a PEM format certificate into a config stanza for Bro-IDS. Needs hexdump and openssl installed on system.
cif-to-bro.py - Takes a CIF feed of domains and converts it into a data structure for use with the sensitive-dns.bro script.
restart_bro.py - Restarts bro nodes that have hung or crashed or passed a certain threshold for packet loss.
bro-ids - init script for Debian-based systems, poorly written, but it works.
bro-2.0.rules - Parsing rules for prelude-ids to turn bro notices into events.
sensitive-dns.bro - Uses a datastructure of malicious domains and descriptors to alert on lookups to malicious dns addresses. Also demonstrates a heuristics rule for potential Zeus C2 domains.
tune-md5.bro - Tunes out md5 notices on systems in certain commonly used and trusted networks.
bro-ids.conf - Adds rules to rsyslog so that bro data is sent to an ELSA instance. Shamelessly stolen from Martin Holste. Put it in /etc/rsyslog.d/