Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.

Epione User Guide SECRET//X1
Epione User Guide
1.0 (S) Introduction
(S) Epione is designed as a network characterization utility. It contains both an active and
passive scanner, both of which can be configured by the user.
(S) The passive scanner creates connection and passively listens in Windows' "promiscuous"
mode. All packets to/from the host system are captured, processed, and potentially added to the
active scanner.
(S)The active scan actively scans IP-port pairs based on either user configuration or captured
packets matching a subnet filter. The active scanner has a configurable time delay between each
new scan. The scans are dependent on configurable ports, and will capture banner data.
(S) Epione runs on both Windows and Linux. (Linux executables not provided in v1.0)
1.1 (S) Requirement
(S) The Intelligence Community has identified the need (requirement # 2012-0406) for a
capability to scan and characterize networks of interest.
1.2 (S) Purpose
(S) This User Guide describes how to use Epione v1.0. The document provides the Epione
configuration process and the installation process.
2.0 (S) System Overview
(S) Configuration
o (S) The configuration for the tool is entirely from the command-line program
ConfigureEpione. The usage is:
ConfigureEpione -e executable (To read current configuration of exe)
ConfigureEpione -f config_file -e executable (To write resources from config
file to executable)
If config file retains the default name, epione.conf, then simply double-
clicking the config tool with both the exe and config file in the same directory
will automatically configure the tool for you.
o (S) See the config file, epione.conf for more information regarding the config
options.
SECRET//X1
1

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh