Screenshots

Screenshots are a way of generating a library of images that can be associated with appropriate top-level objects (TLOs). These can be things like:

Screenshots of Emails as they show up to the user in their mail client.
Screenshots of web pages that users visited that are in PCAP files.
Screenshots of the user's desktop when a malicious binary is executed.
Screenshots automatically generated from external tools.

Screenshots can be tagged with keywords that help describe what the image is of.

When you go to a TLO Details page, you'll see Screenshots that are outlined in black which means those Screenshots are directly associated with that TLO. You'll also see Screenshots outlined in blue which means one of the keywords for the Screenshot matches one of the buckets in the TLO's bucket list. You can mouse over Screenshots to get options for removing a Screenshot from association, or to copy the Screenshot ID to the clipboard so you can paste them in easy if you are trying to associate that Screenshot to another TLO.

On the Details page you can also click on a Screenshot to go to gallery view and browse all of the Screenshots.

To physically delete a Screenshot from CRITs, you can do so from the Screenshot listing view.

Screenshots

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally