See Active recon.
Home page with “heatmap” IP addresses.
Scan result details, using the “heatmap” IP addresses to “zoom” in the address space
Screenshots containing the word “solar” and map
Most common products seen on port 80
Help tooltip and most common ENIP vendors
DNS flows with halo to show connected nodes
Flows with details for a specific host
Flows with details for a specific flow
Passive network analysis¶
A simple passive analysis demonstration
The data from the previous scene used to create an Nmap-like result
See IVRE with Kibana.
Domain names tag cloud
Service names tag cloud
Countries / AS numbers pie
Heatmap showing correlations between AS and open ports
IVRE as a plugin¶
Fictitious investigation in Yeti about an IP address used by the archlinux.org domain, based on data from IVRE.
Cortex report about an IP address using data from IVRE.
Fictitious investigation in OpenCTI based on scans data from IVRE.
Fictitious investigation in OpenCTI based on passive data from IVRE.