Use cases

• Use cases
  • Discovering an unknown infrastructure
    • How to identify Emotet server infrastructure
    • Fetch deduplicated data
    • What about previous months of data?
    • Statistics with *OpenResty* **product**
    • Conclusion
  • Enumerating subdomains hosted on a single IP address
    • Using the resolver category
  • DNS enumeration starting from a domain name
    • Using the resolver category
    • Using the hostname category
  • Analyzing Mirai-FBot infected devices found by MalwareMustDie
    • Get IP list of infected hosts from MMD's pastebin
    • Execute Bulk Summary API request for each IP address
    • Loading the data into Elasticsearch
    • Preparing Kibana
    • Ready to analyze
    • Conclusion