From d16e1d8cfac6672b61eeb5dd963a21fc88d0d9a5 Mon Sep 17 00:00:00 2001 From: 51x Date: Wed, 15 Jun 2016 20:34:43 +0200 Subject: [PATCH] Windows enumeration points and commands. --- windows_enumeration_table.txt | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 windows_enumeration_table.txt diff --git a/windows_enumeration_table.txt b/windows_enumeration_table.txt new file mode 100644 index 0000000..9371e9f --- /dev/null +++ b/windows_enumeration_table.txt @@ -0,0 +1,26 @@ + Value Command Command 2 +Privilege whoami set +Hostname sysinfo set +OS sysinfo +Arch sysinfo set +Domain sysinfo set +Users net users +Admin users net localgroup administrators +User groups net user /domain net localgroup +Ip address(es) ipconfig /all +Default Gateway ipconfig /all + +Shares used net share + + +Firewall netsh firewall show config netsh firewall show opmode +AntiVirus/ES +AppLocker copy c:\Windows\System32\cmd.exe %TEMP%\a.exe && %TEMP%\a.exe +EMET tasklist | findstr EMET + +Running programs tasklist tasklist /svc + +Services listening netstat -ano + +Services started net start +