User Investigation

The User Investigation area of SSH Hunter presents the SSH key data collected by Sandfly from a user-centered perspective.

Table View

The principal page offers username search and lists all users with discovered SSH key data in an easy-to-use table.

SSH Hunter - User Investigation Data Table

Single-clicking the primary data value, or double-clicking a row of data (excluding the buttons in the Actions column), opens a page with additional details associated with that entry.

Detail View

Under the Visualization tab, the nodes in the Explorer section can be expanded, and the panel can be zoomed or moved around to follow the relationships between keys, users, and hosts. Below the Explorer is the Key Use Timeline, which shows key quantities on that host over time.

SSH Hunter - User Summary View

Individual hosts and their key entries are displayed in a table under the Hosts & Key Entries tab.

User Summary - Hosts & Keys Entries
