NEW Network Intelligence Engine — packet capture · protocol fingerprinting · 2-click admin access to every device
Network Intelligence Capture Engine · v2.0

Capture it.
Fingerprint it.
Own it. If traffic flows, painofglass will find the way in — and put you 2 clicks away

Deploy our lightweight network agent. It passively captures traffic to any device — SSH sessions, HTTPS admin panels, thick clients, SNMP, RDP, anything — analyzes the protocols, fingerprints the device, and dynamically generates the exact integration path. Then puts you one dashboard click away from actively administering it.

See How It Works Live Demo → Deploy Agent
100%
Device Coverage
847K
Packets Analyzed Live
2
Clicks to Admin Any Device
38s
Avg Fingerprint Time
142
Protocols Detected
Capture Engine Pipeline

From raw traffic
to full integration.

One lightweight agent on your network. It doesn't require credentials, doesn't require APIs, doesn't require any prior knowledge of the device. It just listens — and figures everything out.

📡
Agent Deploy
Lightweight daemon (5MB). Linux / Windows / Docker. Mirror port or inline tap. Zero config.
1 minute
🔬
Passive Capture
libpcap / WinPcap / eBPF. Captures SSH, HTTPS, SNMP, RDP, WinRM, thick clients, Modbus. All protocols.
Real-time
🧬
AI Fingerprint
ML classifier identifies device type, vendor, OS, admin interface, open ports, and auth mechanisms from traffic patterns.
38s avg
⚙️
Integration Gen
AI selects optimal wrapper tier. Generates YAML config, auth profile, data schema mapping, action library.
Auto-generated
🖥️
2-Click Access
Device appears in dashboard. One click to open. Two clicks to be actively administering it — in-browser terminal, GUI proxy, or API.
Live
Traffic Analysis · Deep Dive

Every protocol.
Every device type.
Every admin path.

01
SSH / CLI Devices
Linux · Network Gear · Firewalls · Switches
Captures SSH handshakes to identify vendor, OS fingerprint, and capability set. Analyzes command patterns from existing admin sessions to build an action library — without decrypting the content.
SSH Port 22Cisco IOSJuniper JunOSPalo AltoF5 BIG-IPLinux OpenSSHAruba AOS
Capture Analysis · Switch-Core-01
pog-agent analyze --target 10.0.1.1 --passive
[✓] SSH traffic detected on port 22
[✓] Protocol: SSH-2.0-OpenSSH_8.4
[✓] Fingerprint: Cisco Catalyst 9300 (98.2% conf)
[✓] IOS Version: 17.09.04
[✓] Admin user patterns: 6 commands mapped
→ Integration: SSH wrapper (Tier 1)
→ Action library: show interfaces, show bgp, reload, etc.
# Wrapper generated in 42s · 2-click access ready
02
HTTPS Admin Panels
Web Consoles · Management UIs · REST APIs
TLS SNI extraction, HTTP/2 header analysis, and certificate inspection identify the admin platform without decryption. Intercept mode reconstructs the internal API schema from observed XHR calls.
HTTPS Port 443HTTP/8080Custom PortsREST APIGraphQLSOAP/XML
Traffic Intercept · vSphere-01
pog-agent intercept --target 172.16.0.10:443
[✓] TLS SNI: vsphere.corp.local
[✓] Cert: VMware vCenter Server 8.0.2
[✓] XHR captured: 47 unique endpoints
[✓] API schema: REST (undocumented)
→ Integration: Traffic Intercept (Tier 3)
→ Coverage: VMs, hosts, datastores, networks
⚡ Note: vSphere API also available → upgrading to Tier 1
03
RDP / WinRM / WMI
Windows Server · Hyper-V · IIS · SQL Server
RDP handshake analysis identifies Windows version, hostname, and domain membership. WinRM discovery enables PowerShell remoting for full programmatic control — check interface, spin up VMs, pull event logs.
RDP 3389WinRM 5985WMI 135SMB 445PowerShell RemotingDCOM
WinRM Discovery · HyperV-Host-02
pog-agent discover --target 10.0.2.50 --windows
[✓] RDP: Windows Server 2022 Datacenter
[✓] Hostname: HYPERV-HOST-02.corp.local
[✓] Role: Hyper-V Host · 14 VMs running
[✓] WinRM: available (port 5985)
→ Integration: WinRM + PowerShell (Tier 1)
→ Actions: VM start/stop, snapshot, event logs
→ RDP proxy: in-browser remote desktop ready
04
SNMP · Industrial · OT
Network Gear · UPS · SCADA · Printers · IoT
SNMP community string detection and OID analysis builds a full MIB map of every discoverable device. Passive listening on UDP 161/162 captures all trap events. No credentials required for read operations.
SNMP 161/162Modbus TCPOPC-UAIPMIBACnetDNP3
SNMP Sweep · Network Segment 10.0.5.0/24
pog-agent snmp-sweep --subnet 10.0.5.0/24
[✓] 10.0.5.1 → Cisco ASR 1001-X Router
[✓] 10.0.5.10 → APC Smart-UPS 3000
[✓] 10.0.5.22 → Brocade FC Switch
[✓] 10.0.5.40 → Modbus PLC (Schneider M340)
[✓] 10.0.5.55 → HP LaserJet Enterprise
→ 5 devices fingerprinted · 5 wrappers generated
# All available in dashboard within 60s
05
Thick Client Analysis
VMware vSphere Client · Hyper-V Manager · Custom Apps
Thick client management tools make network calls just like any other app. Our agent captures those calls at the network layer, reverse-engineers the protocol, and builds a server-side integration that doesn't require the client to be running.
VMware SDK (9443)Hyper-V WMIVDDKCustom TCPNamed PipesCOM/DCOM
Thick Client Intercept · vSphere Client Observed
pog-agent thick-client --watch --interface eth0
[→] vSphere Client launched on 10.0.1.100
[✓] Target: vcenter.corp.local:9443
[✓] Protocol: VMware SDK over HTTPS
[✓] API calls captured: 127 over 4 min session
[✓] Endpoints reconstructed: 34 unique calls
→ Server-side VMware SDK wrapper generated
# No thick client needed — full access via painofglass
AI Fingerprint Engine · How It Identifies Everything
7-Signal Classification Model
Our ML model combines 7 passive signals to identify any device with >95% accuracy — without credentials, without active scanning, without disrupting the network.
🔌
Port Pattern
Open port combinations = device signature
⏱️
TTL Analysis
IP TTL values reveal OS family
📜
Banner Grab
Service banners expose exact version
🔐
TLS Fingerprint
JA3/JA3S identifies client & server
📊
Traffic Pattern
Packet timing & size signatures
🏭
OUI Lookup
MAC OUI = hardware manufacturer
🧠
ML Ensemble
All signals fused → 95%+ accuracy
Live Product Demo

The capture interface,
in action.

app.painofglass.io / capture-engine
Device Discovery
Networking
🔀
Core-Switch-01
10.0.1.1 · Cisco C9300
Integrated
🛡️
FW-Palo-Edge
10.0.1.254 · PAN-OS 11.1
Capturing
📡
Router-ISP-01
10.0.1.2 · Juniper MX
Integrated
Virtualization
🟦
vCenter-Prod
172.16.0.10 · VMware 8.0
Integrated
🪟
HyperV-Host-02
10.0.2.50 · WS 2022
Integrated
🐧
kvm-host-03
10.0.2.60 · Ubuntu 24.04
Pending
Storage / Other
💾
NetApp-FAS8700
10.0.3.10 · ONTAP 9.13
Integrated
APC-UPS-Rack-A
10.0.5.10 · SNMP v2
Integrated
🔀
Core-Switch-01
10.0.1.1 · Cisco Catalyst 9300 · IOS 17.09.04
✓ Integrated ● Live
Packet Stream
1,284 pkts
14:22:01.44110.0.1.10010.0.1.1SSH108b
14:22:01.44310.0.1.110.0.1.100SSH92b
14:22:01.59010.0.1.10010.0.1.1SSH64b
14:22:02.01110.0.5.10010.0.1.1SNMP156b
14:22:02.01310.0.1.110.0.5.100SNMP1024b
14:22:03.10010.0.1.10010.0.1.1HTTPS320b
14:22:03.22010.0.1.110.0.1.100HTTPS4096b
14:22:04.50010.0.1.10010.0.1.1SSH48b
14:22:04.50110.0.1.110.0.1.100SSH2048b
14:22:05.01010.0.5.20010.0.1.1TCP40b
14:22:05.20010.0.1.10010.0.1.1HTTPS512b
14:22:06.11010.0.1.110.0.1.100SSH128b
Device Fingerprint · 99.1% Confidence
Cisco Catalyst 9300-48P
Vendor: Cisco Systems · OS: IOS-XE 17.09.04 · Role: Layer 3 Access Switch
MAC OUI: 00:1A:A1 (Cisco) TTL: 255 (IOS) JA3: cisco_ios_xe_tls13 Uptime: 142 days
22
SSH
● Open
443
HTTPS
● Open
161
SNMP
● Open
23
Telnet
Closed
80
HTTP
● Open
830
NETCONF
● Open
514
Syslog
Closed
17
QOTD
● Open
AI-Selected Integration Options · Ranked by Quality
1
NETCONF/YANG (Port 830)
Structured data · Full config R/W · Native IOS-XE support · Best for automation
✓ Recommended
2
SSH / CLI Wrapper (Port 22)
Universal fallback · Full command access · Regex output parsing
Fallback
3
SNMP v3 Read/Write (Port 161)
Good for metrics · Limited action coverage · OID-based
Metrics only
4
REST API via Traffic Intercept (Port 443)
Web UI API reverse-engineered · 47 endpoints mapped
AI-generated
2-Click Admin Access · All Methods Available
⌨️
SSH Terminal
In-browser · Tabbed · Full IOS access
1 click
🌐
Web Admin Proxy
Proxied HTTPS panel · No VPN needed
1 click
📊
SNMP Dashboard
Interface stats · CPU · Memory
2 clicks
🔧
Config Manager
Running config · Diff · Deploy
2 clicks
Integration Active · NETCONF/YANG
Capture: 1,284 pkts · 38.2 KB
Fingerprint: 99.1% confidence
pog-agent v2.1.4 · eth0 · promiscuous
The 2-Click Promise

From painofglass
to actively administering
any device.
Two clicks. Always.

Every device in painofglass is no more than 2 clicks from full administrative access — in-browser SSH, proxied web console, RDP, SNMP config, or API call. No VPN. No extra tools. No window switching.

1
🖥️
painofglass Dashboard
See every device in your inventory. Status, health, alerts — all visible at a glance.
Start here
Click 1
2
🔎
Device Detail
Click any device. See health, metrics, open ports, available access methods — pre-populated by the capture engine.
One click away
Click 2
Actively Administering
In-browser SSH, proxied web console, RDP, SNMP manager, config editor, or API explorer — all in the same tab.
You're in
All Access Modes — Available In-Browser, No Extra Tools
⌨️
SSH Terminal
Full in-browser SSH with tabbed sessions, session recording, copy-paste, and command history. Looks and feels exactly like your local terminal.
LinuxCisco IOSJuniperPalo AltoF5Aruba
🖥️
RDP / VNC Proxy
Full in-browser remote desktop via Apache Guacamole. Access Windows Server, Hyper-V Manager, SQL Server SSMS — all without installing anything.
Windows ServerHyper-VSQL ServerIIS
🌐
Web Console Proxy
painofglass proxies any HTTPS admin panel through itself — so you access VMware vSphere, NetApp ONTAP, iDRAC, router UIs without VPN or special network routing.
VMwareNetAppiDRACiLOAny Web UI
📊
SNMP Manager
Full SNMP read/write. Browse MIB tree visually. Set OIDs. Receive and display traps in real time. Works with any SNMPv1/v2c/v3 device ever made.
Network GearUPSPrintersLegacy HW
🔌
API Explorer
For devices with APIs — documented or reverse-engineered. Postman-like interface directly in the dashboard. Execute calls, see responses, build runbook steps.
RESTGraphQLSOAPUndocumented
💻
CLI Automation
Send commands, run scripts, and automate repetitive admin tasks across multiple devices simultaneously. Output structured, searchable, and logged.
Multi-deviceScriptedScheduled
🎛️
KVM / IPMI Console
Out-of-band access to bare metal servers via IPMI/iDRAC/iLO. Access BIOS, boot console, power controls — even when the OS is down.
Dell iDRACHP iLOIPMISupermicro
🔄
Thick Client Replacement
For devices that previously required installing a management app — painofglass reverse-engineers the protocol and replaces the thick client entirely with a browser-based equivalent.
vSphere ClientHyper-V MgrCustom Apps
In-Browser Admin Terminal

Every device.
One tab.

Switch between a Cisco switch, a Windows Hyper-V host, a VMware vCenter, and a Linux KVM host without opening a single extra window. All in painofglass. All with full admin access.

Active Sessions
4 devices · 1 click to switch
🔀
Core-Switch-01
Cisco Catalyst 9300
SSH
🪟
HyperV-Host-02
Windows Server 2022
RDP
🟦
vCenter-Prod
VMware vSphere 8.0
Web
🐧
kvm-host-03
Ubuntu 24.04 LTS
SSH
🛡️
FW-Palo-Edge
Palo Alto PAN-OS 11
Web
💾
NetApp-FAS8700
ONTAP 9.13
SNMP+API
APC-UPS-Rack-A
APC Smart-UPS 3000
SNMP
Core-Switch-01
10.0.1.1 · SSH · Cisco IOS-XE 17.09 · Session: 4m 12s
Connected to Core-Switch-01 (10.0.1.1) via SSH · painofglass proxy · session encrypted

Core-Switch-01# show ip interface brief
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 10.0.1.1 YES NVRAM up up
GigabitEthernet0/1 10.0.2.1 YES NVRAM up up
GigabitEthernet0/2 10.0.3.1 YES NVRAM up up
GigabitEthernet0/3 unassigned YES NVRAM administratively down down
Vlan1 10.0.0.1 YES NVRAM up up

Core-Switch-01# show version | include IOS
Cisco IOS XE Software, Version 17.09.04
IOS-XE operating system software

Core-Switch-01# show interfaces GigabitEthernet0/0 | include rate
5 minute input rate 142000 bits/sec, 187 packets/sec
5 minute output rate 98000 bits/sec, 122 packets/sec

Core-Switch-01#
Deploy Today

Deploy the agent.
Capture everything.
Own every console.

One 5MB agent. No credentials required upfront. Within an hour, every device on your network is fingerprinted, wrapped, and accessible from a single browser tab — two clicks away from full admin access.

Deploy Agent — 5 Minutes Request Live Demo Read the Docs →
painofglass.com · .io · .app · .dev · .net — All suffixes registered