With this application, it is aimed to accelerate the incident response processes by collecting information in windows operating systems via winrm.
Features
Information is collected in the following contents.
IP Configuration
Users
Groups
Tasks
Services
Task Scheduler
Registry Control
Active TCP & UDP ports
File sharing
Files
Firewall Config
Sessions with other Systems
Open Sessions
Log Entries
Installation
git clone https://github.com/anil-yelken/pywirt
cd pywirt
pip3 install pywinrm
Usage
The following information should be specified in the cred_list.txt file:
IP|Username|Password