Screenshots gallery¶

Nmap results¶

See Active recon.

screenshot_heatmap

Home page with “heatmap” IP addresses.

screenshot_heatmap_zoom

Scan result details, using the “heatmap” IP addresses to “zoom” in the address space

screenshot_solar_map

Screenshots containing the word “solar” and map

screenshot_top_products_80

Most common products seen on port 80

screenshot_top_enip_vendors

Help tooltip and most common ENIP vendors

Flow analysis¶

See Flow.

screenshot_flow_dns_halo

DNS flows with halo to show connected nodes

screenshot_flow_host_details

Flows with details for a specific host

screenshot_flow_flow_details

Flows with details for a specific flow

screenshot_map

Flow map

Passive network analysis¶

animation_passive

A simple passive analysis demonstration

animation_passive_view

The data from the previous scene used to create an Nmap-like result

Kibana exploration¶

See IVRE with Kibana.

screenshot_kibana_cloud_domains

Domain names tag cloud

screenshot_kibana_cloud_services

Service names tag cloud

screenshot_kibana_pie_countries_asnums

Countries / AS numbers pie

screenshot_kibana_heatmap_asnames_ports

Heatmap showing correlations between AS and open ports

screenshot_kibana_worldmap

World map

IVRE as a plugin¶

See YETI plugin, Cortex analyzer and OpenCTI connector use cases.

yeti_investigation

Fictitious investigation in Yeti about an IP address used by the archlinux.org domain, based on data from IVRE.

cortex_analyzer_template

Cortex report about an IP address using data from IVRE.

opencti_connector_scans

Fictitious investigation in OpenCTI based on scans data from IVRE.

opencti_connector_passive

Fictitious investigation in OpenCTI based on passive data from IVRE.

Read the Docs v: latest

Versions: latest; stable

Downloads: pdf; html; epub

On Read the Docs: Project Home; Builds

Free document hosting provided by Read the Docs.