public void PrintInfo(bool isDebug) { Beaprint.GreatPrint("Interesting files and registry"); new List <Action> { Putty.PrintInfo, SuperPutty.PrintInfo, PrintOffice365EndpointsSyncedByOneDrive, PrintCloudCreds, PrintUnattendFiles, PrintSAMBackups, PrintMcAffeSitelistFiles, PrintCachedGPPPassword, PrintPossCredsRegs, PrintUserCredsFiles, PrintOracleSQLDeveloperConfigFiles, Slack.PrintInfo, PrintLOLBAS, PrintOutlookDownloads, PrintMachineAndUserCertificateFiles, PrintUsersInterestingFiles, PrintUsersDocsKeys, PrintOfficeMostRecentFiles, PrintRecentFiles, PrintRecycleBin, PrintHiddenFilesAndFolders, PrintOtherUsersInterestingFiles, PrintExecutablesInNonDefaultFoldersWithWritePermissions, PrintWSLDistributions }.ForEach(action => CheckRunner.Run(action, isDebug)); }
public void PrintInfo(bool isDebug) { Beaprint.GreatPrint("Services Information"); /// Start finding Modifiable services so any function could use them try { CheckRunner.Run(() => { modifiableServices = ServicesInfoHelper.GetModifiableServices(winPEAS.Checks.Checks.CurrentUserSiDs); }, isDebug); } catch (Exception ex) { Beaprint.PrintException(ex.Message); } new List <Action> { PrintInterestingServices, PrintModifiableServices, PrintWritableRegServices, PrintPathDllHijacking, }.ForEach(action => CheckRunner.Run(action, isDebug)); }
public void PrintInfo(bool isDebug) { Beaprint.GreatPrint("Processes Information"); new List <Action> { PrintInterestingProcesses, }.ForEach(action => CheckRunner.Run(action, isDebug)); }
public void PrintInfo(bool isDebug) { Beaprint.GreatPrint("File Analysis"); new List <Action> { PrintYAMLSearchFiles }.ForEach(action => CheckRunner.Run(action, isDebug)); }
public void PrintInfo(bool isDebug) { Beaprint.GreatPrint("Interesting Events information"); new List <Action> { PrintExplicitLogonEvents, PrintLogonEvents, PrintProcessCreationEvents, PrintPowerShellEvents, PowerOnEvents, }.ForEach(action => CheckRunner.Run(action, isDebug)); }
public void PrintInfo(bool isDebug) { Beaprint.GreatPrint("Applications Information"); new List <Action> { PrintActiveWindow, PrintInstalledApps, PrintAutoRuns, PrintScheduled, PrintDeviceDrivers, }.ForEach(action => CheckRunner.Run(action, isDebug)); }
public void PrintInfo(bool isDebug) { Beaprint.GreatPrint("Browsers Information"); new List <IBrowser> { new Firefox(), new Chrome(), new Opera(), new Brave(), new InternetExplorer(), }.ForEach(browser => CheckRunner.Run(browser.PrintInfo, isDebug)); }
public void PrintInfo(bool isDebug) { Beaprint.GreatPrint("Network Information"); new List <Action> { PrintNetShares, PrintMappedDrivesWMI, PrintHostsFile, PrintNetworkIfaces, PrintListeningPorts, PrintFirewallRules, PrintDNSCache, PrintInternetSettings, }.ForEach(action => CheckRunner.Run(action, isDebug)); }
public void PrintInfo(bool isDebug) { Beaprint.GreatPrint("Users Information"); new List <Action> { PrintCU, PrintCurrentUserIdleTime, PrintCurrentTenantInfo, PrintTokenP, PrintClipboardText, PrintLoggedUsers, PrintLocalUsers, PrintRdpSessions, PrintEverLoggedUsers, PrintHomeFolders, PrintAutoLogin, PrintPasswordPolicies, PrintLogonSessions }.ForEach(action => CheckRunner.Run(action, isDebug)); }
public void PrintInfo(bool isDebug) { Beaprint.GreatPrint("System Information"); new List <Action> { PrintBasicSystemInfo, PrintMicrosoftUpdatesCOM, PrintSystemLastShutdownTime, PrintUserEV, PrintSystemEV, PrintAuditInfo, PrintAuditPoliciesInfo, PrintWEFInfo, PrintLAPSInfo, PrintWdigest, PrintLSAProtection, PrintCredentialGuard, PrintCachedCreds, PrintAVInfo, PrintWindowsDefenderInfo, PrintUACInfo, PrintPSInfo, PrintPowerShellSessionSettings, PrintTranscriptPS, PrintInetInfo, PrintDrivesInfo, PrintWSUS, PrintAlwaysInstallElevated, PrintLSAInfo, PrintNtlmSettings, PrintLocalGroupPolicy, AppLockerHelper.PrintAppLockerPolicy, PrintPrintersWMIInfo, PrintNamedPipes, PrintAMSIProviders, PrintSysmon, PrintDotNetVersions }.ForEach(action => CheckRunner.Run(action, isDebug)); }
public void PrintInfo(bool isDebug) { Beaprint.GreatPrint("Windows Credentials"); new List <Action> { PrintVaultCreds, PrintCredentialManager, PrintSavedRDPInfo, PrintRDPSettings, PrintRecentRunCommands, PrintDPAPIMasterKeys, PrintDpapiCredFiles, PrintRCManFiles, PrintKerberosTickets, //PrintKerberosTGTTickets, #Not working PrintWifi, PrintAppCmd, PrintSCClient, PrintSCCM, PrintSecurityPackagesCredentials, }.ForEach(action => CheckRunner.Run(action, isDebug)); }