Screenshots gallery
Nmap results
See Active recon.
Home page with “heatmap” IP addresses.
Scan result details, using the “heatmap” IP addresses to “zoom” into the address space
Screenshots containing the word “solar” and map
Most common products seen on port 80
Help tooltip and most common ENIP vendors
Flow analysis
See Flow.
DNS flows with halo to show connected nodes
Flows with details for a specific host
Flows with details for a specific flow
Flow map
Passive network analysis
See Passive.
A simple passive analysis demonstration
The data from the previous scene used to create an Nmap-like result
Kibana exploration
See IVRE with Kibana.
Domain names tag cloud
Service names tag cloud
Countries / AS numbers pie
Heatmap showing correlations between AS and open ports
World map
IVRE as a plugin
See YETI plugin, Cortex analyzer and OpenCTI connector use cases.
Fictitious investigation in Yeti about an IP address used by the archlinux.org domain, based on data from IVRE.
Cortex report about an IP address using data from IVRE.
Fictitious investigation in OpenCTI based on scan data from IVRE.
Fictitious investigation in OpenCTI based on passive data from IVRE.