Hi Jeff, apologies for the delay. We usually try to reply within a day. I guess we got too busy releasing those updates!
Thank you for the compliments and the purchases. These help fund research to develop like Slitheris. And since upgrades are free, you're getting a great return on your investment.
We're glad to hear Slitheris is helping identify threats. It's was mainly developed to help find & identify devices, and in v2.0 we plan to greatly improve Device Type identification so that Amazon Echo shows up as an Amazon Echo. This will be by far the most ambitious & time-consuming feature of the next major upgrade. We would like to investigate it's potential in the security & forensics market too. I imagine detection of unpingable (stealth) devices could be of use in that field. We may even look into licensing our scan engine to others for inclusion in their own products as it matures.
Yes, OS fingerprinting is very complex and is sometimes more art than a science. We feel like we only just started, but we spent an entire year so far on OS fingerprinting research alone. Some of our OS's are guesses too, but it usually indicates guessing vs. an exact fingerprint match. We're working on even better and more granular OS detection of popular Linux distros this year to give you Ubuntu, Fedora, CentOS, Solaris, Embedded, etc. instead of simply Linux.
The new Difficulty column does beg for some explanation in lieu of a manual, which is also coming in v2. This new column indicates generally how hard it was for Slitheris to detect the device's presence (is it pingable or not) and get information from it like OS or Device Type. For example if a PC shows to being unpingable or has "Windows?" for it's OS, these further increases difficulty level. It can be due to port count, but because some ports can be redundant, it's more tied to how much info a device reveals about itself. It also doesn't necessarily mean the data's inaccurate, although Extreme often means the device provided very little information through direct examination. The Device Type column should have its own confidence level. If it has no percentage, Slitheris believes the data is accurate. However since it is a 1.0 and still going through heavy development, it's not going to be perfect. In the Extreme cases I would say it's possible for the info on that device to be accurate, but should be scrutinized. You can also think of it as how "open" a device is. For example, a device marked Extreme may not even be found by other software.
As for Powershell cmdlets, we'd like to get into this and other management features like IP Address Management (IPAM), but our focus right now is improving scan results, the GUI and other more basic features. We're currently working on a detail pane so you can see everything for the selected device in one place. As well as very large IP range support with a brand new real-time ping sweep system.
Please let us know if you have any other questions, concerns or have more great things to say!