Playbook: Internal Host WinRM Investigate

Description

Performs a general investigation on key aspects of a windows device using windows remote management. Important files related to the endpoint are generated, bundled into a zip, and copied to the container vault.

Apps

Windows Remote Management

How To Implement

The winrm asset requires Administrator access to gather certain files.

Explore Playbook

Click the playbook screenshot to explore in more detail!

explore

Reference

source | version: 1