Merge pull request #719 from p-l-/update-doc
Doc: add passive screencasts
p-l- committed Jul 6, 2019
2 parents cf1756d + f372fcd commit b6ee20f
Showing 21 changed files with 654 additions and 26 deletions.
2 changes: 1 addition & 1 deletion .travis.yml
Expand Up @@ -186,7 +186,7 @@ before_script:
- export BRO_SAMPLES=`pwd`/usr/local/bro/testing
- ivre --version; echo; bro --version; echo; nmap --version

script: (test "$DB" != "maxmind" || test "$TRAVIS_PYTHON_VERSION" = 2.6 || test "$TRAVIS_PYTHON_VERSION" = 3.3 || (flake8 --ignore=F401,E402 doc/conf.py && flake8 --ignore= setup.py bin/ivre && flake8 --ignore=E402,W504 tests/tests.py && flake8 --ignore=W504 ivre/ && echo "flake8 OK (except W504)")) && (test "$DB" != "maxmind" || test "$TRAVIS_PYTHON_VERSION" != 3.7 || (codespell --ignore-words=.travis/codespell_ignore `git ls-files | grep -vE '^web/static/(doc|an|bs|d3|jq|lk)/|^data/|\.(png|gif)$'` && echo "codespell OK")) && cd tests/ && coverage erase && coverage run --parallel-mode tests.py --coverage && coverage combine && coverage report
script: (test "$DB" != "maxmind" || test "$TRAVIS_PYTHON_VERSION" = 2.6 || test "$TRAVIS_PYTHON_VERSION" = 3.3 || (flake8 --ignore=F401,E402 doc/conf.py && flake8 --ignore=W504 setup.py bin/ivre && flake8 --ignore=E402,W504 tests/tests.py && flake8 --ignore=W504 ivre/ && echo "flake8 OK (except W504)")) && (test "$DB" != "maxmind" || test "$TRAVIS_PYTHON_VERSION" != 3.7 || (codespell --ignore-words=.travis/codespell_ignore `git ls-files | grep -vE '^web/static/(doc|an|bs|d3|jq|lk)/|^data/|\.(png|gif|svg)$'` && echo "codespell OK")) && cd tests/ && coverage erase && coverage run --parallel-mode tests.py --coverage && coverage combine && coverage report

after_success:
- codecov
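
Review bot: the codespell exclusion in the new `script:` line now skips `\.(png|gif|svg)$`, but the `.cast` recordings added under `doc/screenshots/` in this same commit are still handed to codespell through `git ls-files`. They are keystroke-by-keystroke terminal captures rather than prose, so consider adding `cast` to that alternation. Separately, the switch from `flake8 --ignore= setup.py bin/ivre` to `flake8 --ignore=W504 setup.py bin/ivre` is unrelated to documentation and deserves a line in the commit message.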
6 changes: 6 additions & 0 deletions MANIFEST
Expand Up @@ -25,6 +25,10 @@ doc/install/docker.rst
doc/install/fast-install-and-first-run.rst
doc/install/index.rst
doc/install/installation.rst
doc/screenshots/passive-cli.cast
doc/screenshots/passive-cli.svg
doc/screenshots/passive-view-cli.cast
doc/screenshots/passive-view-cli.svg
doc/screenshots/webui-details-heatmapzoom.png
doc/screenshots/webui-flow-details-flow.png
doc/screenshots/webui-flow-details-host.png
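
Review bot: missing documentation for the new `.cast` / `.svg` pairs listed here (`doc/screenshots/passive-cli.*` and `doc/screenshots/passive-view-cli.*`): nothing visible in this change says how each `.svg` is rendered from its `.cast`, so the two can drift apart when a recording is redone. A short note naming the rendering command would let the next contributor regenerate both.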
Expand Down Expand Up @@ -161,6 +165,8 @@ web/static/doc/_images/graphviz-afd241aa5456bddaaf0173331043c69948ee52b6.png
web/static/doc/_images/graphviz-afd241aa5456bddaaf0173331043c69948ee52b6.png.map
web/static/doc/_images/graphviz-d83a3bc3105b8f4e9930bd6796a9b9910ba1d155.png
web/static/doc/_images/graphviz-d83a3bc3105b8f4e9930bd6796a9b9910ba1d155.png.map
web/static/doc/_images/passive-cli.svg
web/static/doc/_images/passive-view-cli.svg
web/static/doc/_images/webui-details-heatmapzoom.png
web/static/doc/_images/webui-flow-details-flow.png
web/static/doc/_images/webui-flow-details-host.png
14 changes: 7 additions & 7 deletions README.md
Expand Up @@ -41,15 +41,15 @@ have been written to show some features of IVRE.

## Documentation ##

See [doc/index](doc/index.rst) (and `doc/*` files) for more
information.
[IVRE's documentation](https://doc.ivre.rocks/) is hosted by Read The
Docs, based on files from the [doc/](doc/) directory of the
repository.

On an IVRE web server properly installed, the `doc/*` files are
available, rendered, under `/doc/` (e.g., `doc/index.html` for the
[doc/index](doc/index.rst) file).
On an IVRE web server, the `doc/*` files are available, rendered,
under `/doc/`.

On a client with IVRE installed, you can use a `--help` option with
most IVRE CLI tools, and use `help(ivre.module)` with most IVRE Python
On a system with IVRE installed, you can use a `--help` option with
most IVRE CLI tools, and `help(ivre.module)` with most IVRE Python
sub-modules.

## License ##
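
Review bot: style point on the new first paragraph under `## Documentation ##`: the service spells its name "Read the Docs", not "Read The Docs". The rewritten second paragraph also drops the `doc/index.html` example, which was the only hint of which URL to open under `/doc/`; consider keeping one example path.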
8 changes: 4 additions & 4 deletions doc/faq.rst
Expand Up @@ -9,11 +9,11 @@ documentation, feel free to `open an issue
Web interface
-------------

Help / Notebook shows "Forbidden"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Notebook shows "Forbidden"
~~~~~~~~~~~~~~~~~~~~~~~~~~

**I cannot access the help pages or the notepad (the Dokuwiki content),
and get a "Forbidden" message.**
**I cannot access the notepad (the Dokuwiki content), and get a
"Forbidden" message.**

You need to configure your web server to allow access from other hosts
on the network to the Dokuwiki content. It is often restricted, by
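
Review bot: the new heading says "Notebook" while the question directly under it still says "the notepad (the Dokuwiki content)". Pick one term, ideally the label shown in the web interface, so that a reader searching the FAQ for it finds this entry.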
14 changes: 13 additions & 1 deletion doc/screenshots.rst
Expand Up @@ -44,6 +44,17 @@ Flows with details for a specific flow

Flow map

Passive network analysis
------------------------

|animation_passive|

A simple passive analysis demonstration

|animation_passive_view|

The data from the previous scene used to create an Nmap-like result

.. |screenshot_heatmap| image:: screenshots/webui-home-heatmap.png
.. |screenshot_heatmap_zoom| image:: screenshots/webui-details-heatmapzoom.png
.. |screenshot_solar_map| image:: screenshots/webui-screenshots-solar-world.png
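
Review bot: the two captions in the new "Passive network analysis" section do not say which commands the animations show. Naming them (the `bro ... | ivre passiverecon2db` capture followed by `ivre ipinfo` and `ivre iphost`, as recorded in `passive-cli.cast`) would make the section searchable, and "the previous scene" assumes the two images are always read in order.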
Expand All @@ -53,4 +64,5 @@ Flow map
.. |screenshot_flow_host_details| image:: screenshots/webui-flow-details-host.png
.. |screenshot_flow_flow_details| image:: screenshots/webui-flow-details-flow.png
.. |screenshot_map| image:: screenshots/webui-flow-flow-map.png

.. |animation_passive| image:: screenshots/passive-cli.svg
.. |animation_passive_view| image:: screenshots/passive-view-cli.svg
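
Review bot: the `|animation_passive|` and `|animation_passive_view|` substitutions are defined without an `:alt:` option. Adding alt text to these two `image::` directives gives a fallback wherever the animated SVG cannot be displayed.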
293 changes: 293 additions & 0 deletions doc/screenshots/passive-cli.cast
@@ -0,0 +1,293 @@
{"version": 2, "width": 80, "height": 24}
[0.0, "o", "\u001b]0;user@computer:~\u0007"]
[0.000223, "o", "[user@computer ~]$ "]
[0.542955, "o", "\u001b[H\u001b[2J[user@computer ~]$ "]
[1.426468, "o", "i"]
[1.492759, "o", "v"]
[1.526064, "o", "r"]
[1.657435, "o", "e"]
[1.752184, "o", " "]
[2.049456, "o", "i"]
[2.129476, "o", "p"]
[2.228762, "o", "i"]
[2.447298, "o", "n"]
[2.542869, "o", "f"]
[2.674807, "o", "o"]
[2.74675, "o", " "]
[3.010423, "o", "-"]
[3.133609, "o", "-"]
[3.379294, "o", "i"]
[3.470356, "o", "n"]
[3.529608, "o", "i"]
[3.578696, "o", "t"]
[3.841429, "o", "\r\n"]
[4.039991, "o", "This will remove any passive information in your database. Process ? [y/N] "]
[4.944845, "o", "y"]
[5.018116, "o", "\r\n"]
[6.058713, "o", "\u001b]0;user@computer:~\u0007"]
[6.058857, "o", "[user@computer ~]$ "]
[6.728566, "o", "s"]
[6.796621, "o", "u"]
[6.887644, "o", "d"]
[6.976196, "o", "o"]
[7.057383, "o", " "]
[7.342606, "o", "b"]
[7.420462, "o", "r"]
[7.568824, "o", "o"]
[7.678638, "o", " "]
[7.944689, "o", "-"]
[8.130472, "o", "C"]
[8.250252, "o", " "]
[8.49038, "o", "-"]
[8.683115, "o", "i"]
[8.845401, "o", " "]
[8.96053, "o", "w"]
[9.061084, "o", "l"]
[9.105194, "o", "p"]
[9.300134, "o", "2"]
[9.524755, "o", "s"]
[9.807491, "o", "0"]
[10.334089, "o", " "]
[11.018122, "o", "-"]
[11.239863, "o", "b"]
[11.389048, "o", " "]
[11.814703, "o", "/"]
[12.107273, "o", "u"]
[12.218431, "o", "s"]
[12.408827, "o", "r/"]
[12.998995, "o", "s"]
[13.149205, "o", "h"]
[13.386776, "o", "are/"]
[13.804756, "o", "i"]
[13.865982, "o", "v"]
[14.081779, "o", "re/"]
[14.381052, "o", "b"]
[14.495498, "o", "r"]
[14.737983, "o", "o/"]
[15.183643, "o", "i"]
[15.258688, "o", "v"]
[15.442857, "o", "re/"]
[15.677432, "o", "p"]
[15.742983, "o", "a"]
[15.799055, "o", "s"]
[15.939976, "o", "siverecon/ \r"]
[16.753703, "o", "b"]
[16.872512, "o", "are.bro "]
[17.558287, "o", "|"]
[17.705867, "o", " "]
[18.305892, "o", "i"]
[18.407401, "o", "v"]
[18.460252, "o", "r"]
[18.592224, "o", "e"]
[18.673809, "o", " "]
[18.888218, "o", "p"]
[18.919069, "o", "a"]
[18.963735, "o", "s"]
[19.062783, "o", "s"]
[19.224181, "o", "i"]
[19.329898, "o", "v"]
[19.375646, "o", "e"]
[19.594393, "o", "r"]
[19.655171, "o", "e"]
[19.888717, "o", "c"]
[19.976357, "o", "o"]
[20.046557, "o", "n"]
[20.332805, "o", "2"]
[20.555543, "o", "d"]
[20.667706, "o", "b"]
[20.823046, "o", " "]
[21.230163, "o", "-"]
[21.38097, "o", "s"]
[21.636177, "o", " "]
[21.943964, "o", "W"]
[22.072369, "o", "I"]
[22.212284, "o", "F"]
[22.346647, "o", "I"]
[22.651294, "o", " "]
[22.733727, "o", "&"]
[22.986807, "o", "\r\n"]
[22.987329, "o", "[1] 8419\r\n"]
[22.987797, "o", "\u001b]0;user@computer:~\u0007[user@computer ~]$ "]
[23.428793, "o", "listening on wlp2s0\r\n\r\n"]
[24.425397, "o", "\r\n"]
[24.425926, "o", "\u001b]0;user@computer:~\u0007"]
[24.426036, "o", "[user@computer ~]$ "]
[25.000507, "o", "h"]
[25.058418, "o", "o"]
[25.140025, "o", "s"]
[25.273898, "o", "t"]
[25.365161, "o", " "]
[25.572454, "o", "i"]
[25.611969, "o", "v"]
[25.659019, "o", "r"]
[25.793093, "o", "e"]
[25.947846, "o", "."]
[26.874793, "o", "r"]
[27.037748, "o", "o"]
[27.127246, "o", "c"]
[27.236263, "o", "k"]
[27.343584, "o", "s"]
[27.64435, "o", "\r\n"]
[27.66362, "o", "ivre.rocks has address 5.135.166.161\r\n"]
[27.679654, "o", "ivre.rocks mail is handled by 10 spool.mail.gandi.net.\r\nivre.rocks mail is handled by 50 fb.mail.gandi.net.\r\n"]
[27.681062, "o", "\u001b]0;user@computer:~\u0007"]
[27.681203, "o", "[user@computer ~]$ "]
[28.89737, "o", "c"]
[28.97063, "o", "u"]
[29.060973, "o", "r"]
[29.180577, "o", "l"]
[29.296773, "o", " "]
[29.481934, "o", "-"]
[29.788195, "o", "L"]
[29.978556, "o", " "]
[30.335829, "o", "h"]
[30.413676, "o", "t"]
[30.528722, "o", "t"]
[30.587894, "o", "p"]
[30.769066, "o", ":"]
[30.965507, "o", "/"]
[31.087386, "o", "/"]
[31.342018, "o", "i"]
[31.398093, "o", "v"]
[31.452928, "o", "r"]
[31.571276, "o", "e"]
[31.765684, "o", "."]
[31.938236, "o", "r"]
[32.059642, "o", "o"]
[32.136592, "o", "c"]
[32.985125, "o", "k"]
[33.048511, "o", "s"]
[33.561121, "o", "/"]
[33.894361, "o", " "]
[34.063343, "o", ">"]
[34.106146, "o", " "]
[34.445825, "o", "/"]
[34.539082, "o", "d"]
[34.576615, "o", "e"]
[34.759534, "o", "v"]
[34.911773, "o", "/"]
[35.12038, "o", "n"]
[35.184223, "o", "u"]
[35.395908, "o", "l"]
[35.512004, "o", "l"]
[36.08062, "o", "\r\n"]
[36.085057, "o", " % Total % Re"]
[36.085775, "o", "ceived % Xferd Average Speed Time Time Time Current\r\n Dload Upload Total Spent Left Speed\r\n\r 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0"]
[36.112172, "o", "\r100 178 100 178 0 0 659"]
[36.112302, "o", "2 0 --:--:-- --:--:-- --:--:-- 6592\r\n"]
[36.218685, "o", "\r100 25072 100 25072 0 0 "]
[36.218852, "o", " 184k 0 --:--:-- --:--:-- --:--:-- 184k\r\n"]
[36.220937, "o", "\u001b]0;user@computer:~\u0007"]
[36.22108, "o", "[user@computer ~]$ "]
[37.195864, "o", "f"]
[37.23338, "o", "g"]
[37.435227, "o", "\r\n"]
[37.435328, "o", "sudo bro -C -i wlp2s0 -b /usr/share/ivre/bro/ivre/passiverecon/bare.bro | ivre passiverecon2db -s WIFI\r\n"]
[38.384751, "o", "^C"]
[38.385226, "o", "1562353406.793166 received termination signal\r\n1562353406.793166 155 packets received on interface wlp2s0, 0 dropped\r\n"]
[41.776905, "o", "\u001b]0;user@computer:~\u0007"]
[41.77702, "o", "[user@computer ~]$ "]
[42.362434, "o", "\u001b[H\u001b[2J[user@computer ~]$ "]
[42.711153, "o", "i"]
[42.780162, "o", "v"]
[42.828038, "o", "r"]
[42.955366, "o", "e"]
[43.032155, "o", " "]
[43.319668, "o", "i"]
[43.393954, "o", "p"]
[43.500147, "o", "i"]
[44.306077, "o", "n"]
[44.392362, "o", "f"]
[44.510192, "o", "o"]
[44.596798, "o", " "]
[46.166664, "o", "1"]
[46.249601, "o", "9"]
[46.323971, "o", "2"]
[46.448813, "o", "."]
[46.573578, "o", "1"]
[47.834176, "o", "6"]
[47.89559, "o", "8"]
[48.22922, "o", "."]
[48.496834, "o", "0"]
[48.653954, "o", "."]
[48.772941, "o", "0"]
[48.976135, "o", "/"]
[49.499161, "o", "2"]
[49.558127, "o", "4"]
[49.979599, "o", " "]
[50.31059, "o", "|"]
[50.411573, "o", " "]
[50.636597, "o", "l"]
[50.713615, "o", "e"]
[50.86064, "o", "s"]
[50.95818, "o", "s"]
[51.081504, "o", " "]
[51.288748, "o", "-"]
[51.366148, "o", "S"]
[51.593009, "o", "\r\n"]
[51.595451, "o", "\u001b[?1049h\u001b[22;0;0t\u001b[?1h\u001b=\r"]
[51.924173, "o", "192.168.0.11\r\n HTTP_CLIENT_HEADER USER-AGENT curl/7.65.1 (1 time) 2019-07-05 21:03:24\u001b[7m>\u001b[27m\r\n SSL_CLIENT ja3 f436b9416f37d134cadd04886327d3e8 (1 time) 2019-07-05 21\u001b[7m>\u001b[27m\r\n sha1: bd41bd5b017cb69e58ed5ae4f653b1109350e5b6\r\n sha256: 8873f80e029eacd93b45cd4f4f376c6ee85cc5efc670b317f67716\u001b[7m>\u001b[27m\r\n raw: 771,4866-4867-4865-49196-49200-159-52393-52392-52394-4919\u001b[7m>\u001b[27m\r\n"]
[52.418122, "o", "\u001b[7m(END)\u001b[27m\u001b[K"]
[54.750132, "o", "\r\u001b[K\u001b[?1l\u001b>\u001b[?1049l\u001b[23;0;0t"]
[54.75066, "o", "\u001b]0;user@computer:~\u0007[user@computer ~]$ "]
[55.156262, "o", "i"]
[55.226965, "o", "v"]
[55.260912, "o", "r"]
[55.392093, "o", "e"]
[55.464556, "o", " "]
[55.715778, "o", "i"]
[55.795296, "o", "p"]
[56.374659, "o", "h"]
[56.454579, "o", "o"]
[56.55273, "o", "s"]
[56.684879, "o", "t"]
[56.785833, "o", " "]
[57.360733, "o", "i"]
[57.448605, "o", "v"]
[57.47769, "o", "r"]
[57.626556, "o", "e"]
[57.786111, "o", "."]
[57.942751, "o", "r"]
[58.036666, "o", "o"]
[58.134704, "o", "c"]
[58.238656, "o", "k"]
[58.313606, "o", "s"]
[58.554463, "o", "\r\n"]
[58.766788, "o", "ivre.rocks A 5.135.166.161 (89.2.0.1:53, 1 time, 2019-07-05 21:03:16.063000 - 2019-07-05 21:03:16.063000)\r\n"]
[58.766899, "o", "ivre.rocks MX spool.mail.gandi.net (89.2.0.1:53, 1 time, 2019-07-05 21:03:16.080000 - 2019-07-05 21:03:16.080000)\r\nivre.rocks MX fb.mail.gandi.net (89.2.0.1:53, 1 time, 2019-07-05 21:03:16.080000 - 2019-07-05 21:03:16.080000)\r\n"]
[59.290849, "o", "\u001b]0;user@computer:~\u0007"]
[59.291017, "o", "[user@computer ~]$ "]
[60.802733, "o", "i"]
[60.856556, "o", "v"]
[60.905849, "o", "r"]
[61.024079, "o", "e"]
[61.111392, "o", " "]
[61.366682, "o", "i"]
[61.459323, "o", "p"]
[61.554923, "o", "i"]
[61.758187, "o", "n"]
[61.94396, "o", "f"]
[62.092992, "o", "o"]
[62.186783, "o", " "]
[65.515674, "o", "5.135.166.161"]
[65.995779, "o", " "]
[67.040086, "o", "|"]
[67.167227, "o", " "]
[67.371561, "o", "l"]
[67.415375, "o", "e"]
[67.571978, "o", "s"]
[67.688084, "o", "s"]
[67.737027, "o", " "]
[67.953979, "o", "-"]
[68.052582, "o", "S"]
[68.352154, "o", "\r\n"]
[68.354249, "o", "\u001b[?1049h\u001b[22;0;0t\u001b[?1h\u001b=\r"]
[68.5836, "o", "5.135.166.161\r\n FR [France] \r\n AS16276 [OVH SAS] \r\n DNS_ANSWER A-89.2.0.1-53 ivre.rocks (1 time) 2019-07-05 21:03:16 - 201\u001b[7m>\u001b[27m\r\n domain: ['ivre.rocks', 'rocks']\r\n 80 HTTP_CLIENT_HEADER_SERVER HOST ivre.rocks (1 time) 2019-07-05 21:03\u001b[7m>\u001b[27m\r\n 80 HTTP_SERVER_HEADER SERVER nginx (1 time) 2019-07-05 21:03:24 - 2019\u001b[7m>\u001b[27m\r\n service_name: http\r\n service_product: nginx\r\n 443 SSL_SERVER cert 0..]0..E........4.....9pLO..'....0...*.H........0J\u001b[7m>\u001b[27m\r\n md5: 5e1806f4d6071ccd408ff4858b63c3cd\r\n sha1: 1e9d23ebf837cf331494fc29616abf48f7b0dafe\r\n sha256: d64e7e81a59efe89229b90d8c37ddcb3ae8f2683c1e48bd5e7301a\u001b[7m>\u001b[27m\r\n issuer: {'countryName': 'US', 'organizationName': \"Let's Encry\u001b[7m>\u001b[27m\r\n issuer_text: countryName=US/organizationName=Let's Encrypt/com\u001b[7m>\u001b[27m\r\n subject: {'commonName': 'ivre.rocks'}\r\n "]
[68.583739, "o", " subject_text: commonName=ivre.rocks\r\n pubkeyalgo: rsaEncryption\r\n san: ['DNS:ivre.rocks', 'DNS:www.ivre.rocks']\r\n 443 SSL_SERVER ja3-f436b9416f37d134cadd04886327d3e8 c7a16ad7c1155ce6d7\u001b[7m>\u001b[27m\r\n sha1: cf855106feb336118cb5383172d36a3f54e69e80\r\n sha256: 699e9de9a3ac8f99bdcea41f239f7350ec7f6654aea9e79d24dcee\u001b[7m>\u001b[27m\r\n raw: 771,52392,65281-11-23-16\r\n:\u001b[K"]
[71.912291, "o", "\r\u001b[K \u001b[KESC\b\b\bESC\u001b[K[\b[\u001b[K6\b6\u001b[K~\b~\r\u001b[K"]
[71.912402, "o", " client: {'raw': '771,4866-4867-4865-49196-49200-159-52393-5239\u001b[7m>\u001b[27m\r\n\u001b[7m(END)\u001b[27m\u001b[K"]
[73.563447, "o", "\r\u001b[K \u001b[KESC\b\b\bESC\u001b[K[\b[\u001b[K5\b5"]
[73.563554, "o", "\u001b[K~\b~\r\u001b[K\u001b[H\u001bM5.135.166.161\r\n\u001b[24;1H\r\u001b[K:\u001b[K"]
[74.893357, "o", "\r\u001b[K\u001b[?1l\u001b>\u001b[?1049l\u001b[23;0;0t"]
[74.893966, "o", "\u001b]0;user@computer:~\u0007[user@computer ~]$ "]
[76.45485, "o", "exit\r\n"]
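
Review bot: the recording's output events publish details of the machine it was made on: the LAN address `192.168.0.11`, the resolver `89.2.0.1:53`, the interface name `wlp2s0`, and the client's JA3 hash and `curl/7.65.1` User-Agent. If that is not intended, re-record from a lab host or edit those events before shipping the file with the docs. The session also opens with `ivre ipinfo --init`, which the tool itself warns "will remove any passive information in your database"; the caption in `doc/screenshots.rst` should say so, since readers tend to copy the commands they see.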