Scribd Logo
Upload

Welcome to Scribd!

  • Doppler Quick Start Guide: Updated October 13, 2021

    Uploaded by

    fateh tiribark
    111 views9 pages
    This document provides instructions for getting started with Project Doppler, a tool from Rapid7 that allows users to gain insights into their organization's public internet exposure. It describes how to access Project Doppler after logging into an existing Rapid7 Insight account, how to navigate the different sections, and how to input domains and IP addresses in the Settings section to customize the data views. The various sections of Project Doppler are also outlined, including Recommendations, Attack Surface Inventory, Suspicious Connections, Email Security, Discovered DNS, and Certificates. The document concludes by explaining how to export raw data from each section.

    Original Description:

    Original Title

    DopplerQuickStartGuide

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document provides instructions for getting started with Project Doppler, a tool from Rapid7 that allows users to gain insights into their organization's public internet exposure. It describes how to access Project Doppler after logging into an existing Rapid7 Insight account, how to navigate the different sections, and how to input domains and IP addresses in the Settings section to customize the data views. The various sections of Project Doppler are also outlined, including Recommendations, Attack Surface Inventory, Suspicious Connections, Email Security, Discovered DNS, and Certificates. The document concludes by explaining how to export raw data from each section.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    111 views9 pages

    Doppler Quick Start Guide: Updated October 13, 2021

    Uploaded by

    fateh tiribark
    This document provides instructions for getting started with Project Doppler, a tool from Rapid7 that allows users to gain insights into their organization's public internet exposure. It describes how to access Project Doppler after logging into an existing Rapid7 Insight account, how to navigate the different sections, and how to input domains and IP addresses in the Settings section to customize the data views. The various sections of Project Doppler are also outlined, including Recommendations, Attack Surface Inventory, Suspicious Connections, Email Security, Discovered DNS, and Certificates. The document concludes by explaining how to export raw data from each section.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 9

     

     
     
     
     
     

    Doppler Quick Start Guide 


    Updated October 13, 2021 

    Project Doppler is a free tool that enables Rapid7 customers to immediately gain insights into their public 
    internet exposure.  

    This documentation is intended to help you get started with Project Doppler as quickly as possible. 

    For additional information about Project Doppler, check out the FAQ document and the brief overview 
    video. 

    Table of Contents 
    Table of Contents 1 

    Accessing Project Doppler 2 

    Navigation 4 

    Settings 5 

    Domains 5 

    IP addresses 6 

    Feedback 7 

    Sections 7 

    Data 8 
     

     
     

       

       


     

    Accessing Project Doppler 


    To access Project Doppler, first log into your Rapid7 Insight account using your existing credentials. 

    At this time, Project Doppler is only available for existing users of Insight. 

     
    Once you log in, you should see a set of tiles available for different products and tools from Rapid7. Look 
    for the title called “Rapid7 Open Labs”, and click on “Open”. 

     
     


     

    Rapid7 Open Labs is a new space on the Insight Platform where we can showcase free and open source 
    tools that Rapid7 is offering as part of our commitment to helping everyone access the most effective 
    security technology and practices, bringing safety and resilience to as many people as possible. 

    From the Open Labs space, click on “Open” underneath Project Doppler to gain access. 

     
     

       

     
     


     

    Navigation 
    The primary way to navigate through the different sections available within Project Doppler is by using 
    the navigation menu on the left hand side. Clicking on any of the available navigation items will bring you 
    to the respective section. 

    Click on the three-bar “hamburger” button in the top left to either expand or collapse the labels for the 
    different sections of Project Doppler. 

       

     
     


     

    Settings 
    The first section you should visit is “Settings”. This is where you can input the relevant information 
    necessary to use Project Doppler. 

    The main pieces of information to input are: 

    ● Domains owned by your organization 


    ● IP addresses owned by your organization 

    The provided information will be used to query for any data relevant to your organization collected 
    through Project Sonar or Project Heisenberg. The more complete the information you provide, the more 
    accurate the returned findings will be. 

    All views within Project Doppler should update within moments. 

    Domains 

    Multiple domains can be input at a time using a comma as a delimiter. 

     
     


     

    You may input up to 100 domains.  

    Once domains are input, you can selectively delete them by checking the box next to particular domains, 
    and clicking on the trash icon in the top right hand corner of the “Included Domains” section.

    Domains are used to search through DNS records that have been collected, which in turn is used to filter 
    available data relevant to your organization. 

    IP addresses 

    If you have the information available, IP addresses can be input to IP Sources in three different forms: 

    ● As individual IP addresses in dot notation (e.g., 1.2.3.4) 


     
     


     

    ● As CIDR ranges (e.g., 1.2.3.0/24). The broadest range that may be input is /16.  
    ● As contiguous IP ranges using a dash between the IP range ends (e.g., 1.2.3.0-1.2.3.255) 

    A maximum of 100 different inputs may be added to the set of IP Sources. 

    Feedback 

    If you would like to provide any feedback about Project Doppler, please use the feedback formed linked 
    on the Settings page. 

    Sections 
    There are a number of primary sections within Project Doppler: 

    ● Recommendations - high level overview of major findings collected through Project Doppler. 
    Clicking into the available blocks leads to additional information related to the findings. 
    ● Attack Surface Inventory - a detailed summary of all information found by internet-wide scans 
    pertaining to your organization based on the domain and IP information provided in Settings. 
     
     


     

    ● Suspicious Connections - connections to the Rapid7 Heisenberg honeypots. Ideally, no 


    information should appear here. If anything does appear, it may suggest system misconfiguration 
    within your network or possible compromise. Findings here warrant further investigation. 
    ● Email Security - check for various email security mechanisms related to the provided domains, 
    including, DNS SEC, SPF, and DMARC.  
    ● Discovered DNS - detailed listing of all DNS records and types related to the provided domains 
    and IP you provided. 
    ● Certificates - assessment of the expiration status and issuing authorities of certificates 
    associated with your organization. 

    Data 
    Project Doppler provides a range of visualizations and summaries of findings related to your organization 
    based on data collected through Project Sonar and Project Heisenberg..  

    If you are interested in exploring the raw underlying data behind the analysis, you may download the data 
    from each major section of Project Doppler. Navigate to each section’s Raw Data Findings tab and select 
    “Export” on the right. 

    This will bring up a popup indicating that the data is being prepared for export. 

     
     


     

    The Data Exports section, which can be accessed through the navigation menu, presents a listing of all 
    the data export requests. Click on “Download” to retrieve a .csv file of the requested data.. 

     
     

     
     

    You might also like