We love using Clarified Analyzer in our Traffic Audits. In addition to troubleshooting, we would like to see others use it for traffic audits too. Thus we are pleased to introduce special pricing for KPMG 2009 participants.

Synthesis of results

I didn't have time to go into how different tools and analysts can collaborate through the Collab-environment. The video below demonstrates how two completely different tools are able to collaborate through the Collab. First Jani labels an interesting host. Then Lari runs his Open Source Reconnaissance tools for that host. Then Jani downloads that information back to the Analyzer Earthview.

The Open Source Reconnaissance resembles something that, for example, Maltego does. However, the concept, the collaborative approach, is somewhat different.

Topology NG on Malware

While Topology NG helps you quickly document a network setting, you can also use it to document a specific case. In the video below we demonstrate how you can do a traffic-based analysis for malware and document dropsites, command & control, etc. You may then use the case topology to explain the case to your colleagues or clients and to easily pick, for example, the packets to selected sites.

Custom Visualizations

Every now and then people ask us to do intuitive custom visualizations for communicating a complex problem to high-level management. While you may use Clarified Analyzer to do visualizations of network traffic, you might also want to visualize some textual data. The video below is one such example. Our video visualizes the data collected by Doxpara. It shows how DNS servers are patched over time. If you pay close attention, you see bigger flashes, sweeping over the timezones, every time someone releases an advisory.

Red = Unpatched
Green = Patched
Yellow = Mixture of both.