LogoLogo
  • Welcome
  • Getting Started
    • Submit Scan
    • Search
  • Sandbox
    • Overview
    • Configuration
      • General
      • Resource Saving
      • AWS
      • Opensearch
      • Monitoring & Analysis
      • DNS & WHOIS
      • Examples
        • API Sandbox
        • Bulk Scanner
        • Copilot Analysis
        • OpenPhish
    • Deployment
  • Copilot
    • Overview
    • Deployment
    • Blue Team
      • Integrations
        • Slack
        • Jira
        • ElasticSearch
        • VirusTotal
        • Circl CVE
        • Google Safe Browsing
        • Greynoise
        • Hudson Rock
        • News API
        • WHOIS XML
        • GeoIP (MaxMind)
        • AWS
        • Shodan
        • Censys
        • Driftnet
        • Hybrid Analysis
        • Breadcrumbs
        • Onchain Industries
        • DNSDumpster
        • WhoisFreaks
        • OSINT Industries
        • ThreatBook
        • ZoomEye
        • Netlas
        • Criminal IP
        • urlquery
        • ANY.RUN
    • Red Team
      • Kali Linux
      • Multi Agent
    • Profiles
      • Webamon Cloud
      • OpenAI
      • Ollama
      • HuggingFace
      • Mistral
      • AWS Bedrock
  • Threat Hunting
    • Overview
    • Integrations
    • Data Dictionary
      • Domains
      • Resources
      • Servers
      • Scans
    • Search
      • Dialog
        • Scan
        • Server
        • Domain
        • Resource
        • String
      • Type
        • Auto
        • Local Sweep
        • Feeling Defensive
  • Global Domain Monitoring
    • Overview
    • Deployment
  • Feeds
    • Webamon X
      • Deployment
    • Newly Registered Domains
      • Deployment
  • API
    • OPEN API
Powered by GitBook
On this page
  1. Copilot

Blue Team

PreviousDeploymentNextIntegrations

Last updated 3 months ago

Source

When initializing copilot, the default profile loaded is Blue Team.

During the initialization phase, Webamon fetches your integration credentials from AWS Secrets store. It then loads the plugins with your credentials into the containerized memory. Credentials are never saved to disk

The initial reply from Blue Team Copilot will list the current integrations that have been loaded and their available function calls

In the below example we ask the Copilot to show us the field mappings for Webamon scans, allowing us to then hunt with Copilot downstream.

When prompting Copilot to call a tool (1) it will display the suggested tool along with any arguments (2). Press enter or click the send button (3) to confirm, anything else will reject the function call

Once confirmed, the Blue Team Copilot will execute the function, parse the response and display in a human readable format.

Code
Copilot Tool Call