System Network Configuration
1
2
3
| ipconfig /all
netstat -abno
arp -a
|
Enumerating Running Processes and Services
Keep in mind that this output does not list processes run by privileged users. On Windows-based systems, we’ll need high privileges to gather this information, which makes the process more difficult.
1
2
3
4
5
6
| tasklist /SVC
Image Name PID Services
========================= ======== ============================================
...
lsass.exe 564 KeyIso, Netlogon,
|
Networking Routing Tables
View the active network connections
Firewall rules
1
2
| netsh advfirewall show currentprofile
netsh advfirewall firewall show rule name=all
|
Scheduled Tasks
1
| schtasks /query /fo LIST /v
|
Active Endpoints
for /L %i in (1,1,255) do @ping -n 1 -w 200 10.5.5.%i > nul && echo 10.5.5.%i is up.
