Startseite Erkunden Hilfe
Anmelden
zhensolid
/
OperatorsKit
1
0
Fork 0
Dateien Issues 0 Pull-Requests 0 Wiki
Quellcode durchsuchen

New tool update

unknown vor 2 Jahren
Ursprung
d9e23d7f7b
Commit
2208473639
3 geänderte Dateien mit 4 neuen und 3 gelöschten Zeilen
Geteilte Ansicht Diff-Statistik anzeigen
  1. 2 2
      KIT/FindWebClient/README.md
  2. 1 1
      KIT/FindWebClient/findwebclient.cna
  3. 1 0
      README.md

+ 2 - 2
KIT/FindWebClient/README.md
Datei anzeigen 

@@ -1,5 +1,5 @@
 
-# CredPrompt

-Find hosts with the WebClient service running based on a list of predefined hostnames or IP addresses. The list is loaded from your own attacker system.

+# FindWebClient

+Find hosts with the WebClient service running based on a list with predefined hostnames or IP addresses. The list is loaded from your own attacker system.

 

 >A valid list with hostnames is considered newline separated and ends with a newline. Furthermore, the following hostname notations are correct: `database`, `database.example.local`, `10.100.10.1`.

+ 1 - 1
KIT/FindWebClient/findwebclient.cna
Datei anzeigen 

@@ -2,7 +2,7 @@
 
 

 beacon_command_register(

 	"findwebclient", "Find running WebClient services.",

-	"INFO:\nFind hosts with the WebClient service running based on a list of predefined hostnames or IP addresses. The list is loaded from your own attacker system.\n\n" .

+	"INFO:\nFind hosts with the WebClient service running based on a list with predefined hostnames or IP addresses. The list is loaded from your own attacker system.\n\n" .

 	"ARGUMENTS:\n[<path to file>]: the path on your own attacker system to the file containing the list with predefined hostnames. Each hostname must be newline separated.\n[debug]: optional argument to include hostnames in the output that couldn't be reached or on which the WebClient was not running.\n\n" .

 	"USAGE:\nfindwebclient <path to hostname file> [opt:debug]\n\n" .

 	"EXAMPLES:\nfindwebclient C:\\Users\\redmed\\Documents\\hostnames.txt\nfindwebclient C:\\Users\\redmed\\Documents\\hostnames.txt debug\n\n");

+ 1 - 0
README.md
Datei anzeigen 

@@ -20,6 +20,7 @@ The following tools are currently in the operators' kit:
 
 |**[FindLib](KIT/FindLib)**|Find loaded module(s) in remote process(es).|
 
 |**[FindRWX](KIT/FindRWX)**|Find RWX memory regions in a target process.|
 
 |**[FindSysmon](KIT/FindSysmon)**|Verify if Sysmon is running through enumerating Minifilter drivers and checking the registry.|
 
+|**[FindWebClient](KIT/FindWebClient)**|Find hosts with the WebClient service running based on a list with predefined hostnames.|
 
 |**[HideFile](KIT/HideFile)**|Hide file or directory by setting it's attributes to systemfile + hidden.|
 
 |**[IdleTime](KIT/IdleTime)**|Check current user activity based on the user's last input.|
 
 |**[LoadLib](KIT/LoadLib)**|Load an on disk present DLL via RtlRemoteCall API in a remote process.|