Windows
User-related
- query user # Display the users currently logged on
- whoami # View the current user
- net user # View all users on the current system
- net1 user # View all users on the current system (high-privilege command)
- net user /domain # View all users in the current domain
- net user administrator # View detailed information about the administrator user
- net localgroup # View local user groups
- net localgroup administrators # View the members and description of the administrators group
Network-related
- ipconfig /all # View all IP information
- netstat -ano # View network connections and ports
- net view # View machines in the same workgroup
- net view /domain # Check whether a domain exists
- route print # View the routing table
- arp -a # View the ARP table
System-related
- set # View system environment variables
- systeminfo # View System Information
- tasklist # View process names and PIDs
- net start # View started services
- dir /A "c:\Program Files"
  dir /A "c:\Program Files (x86)" # View the currently installed software
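The commands in the User-related, Network-related and System-related lists above tend to be run back to back, which makes the burst itself a usable detection signal. The following is an added example, not part of the original page: it flags a host/user pair that runs several distinct commands from those lists inside a short window. The log format, host and user names, the 5-minute window and the threshold of 4 are assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta

# Discovery commands taken from the lists above, as lowercase prefixes.
DISCOVERY = ("query user", "whoami", "net user", "net1 user", "net localgroup",
             "ipconfig /all", "netstat -ano", "net view", "route print",
             "arp -a", "systeminfo", "tasklist", "net start")

# Constructed sample events (not real logs): time|host|user|command line.
SAMPLE_LOG = """\
2024-05-01T10:00:05|WS01|alice|whoami
2024-05-01T10:00:09|WS01|alice|net user /domain
2024-05-01T10:00:15|WS01|alice|IPCONFIG  /all
2024-05-01T10:00:21|WS01|alice|net localgroup administrators
2024-05-01T10:00:30|WS01|alice|systeminfo
2024-05-01T09:00:00|WS02|bob|ipconfig /all
2024-05-01T14:00:00|WS02|bob|notepad.exe report.txt
"""

def classify(cmdline):
    """Return the matching discovery command, or None."""
    norm = " ".join(cmdline.lower().split())  # collapse case and spacing
    for prefix in DISCOVERY:
        if norm == prefix or norm.startswith(prefix + " "):
            return prefix
    return None

def parse(log):
    """Yield (time, host, user, command) for discovery events only."""
    for line in log.splitlines():
        ts, host, user, cmd = line.split("|", 3)
        if (hit := classify(cmd)):
            yield datetime.fromisoformat(ts), host, user, hit

def find_bursts(log, window=timedelta(minutes=5), threshold=4):
    """Map (host, user) to commands when >= threshold distinct ones fall in window."""
    by_actor = {}
    for ts, host, user, hit in sorted(parse(log)):
        by_actor.setdefault((host, user), []).append((ts, hit))
    alerts = {}
    for actor, events in by_actor.items():
        for i, (start, _) in enumerate(events):
            seen = {h for t, h in events[i:] if t - start <= window}
            if len(seen) >= threshold:
                alerts[actor] = sorted(seen)
                break
    return alerts

if __name__ == "__main__":
    for (host, user), cmds in find_bursts(SAMPLE_LOG).items():
        print(f"{host}\\{user}: {cmds}")
```

In practice the input would come from process-creation telemetry with command-line logging enabled, and the matching would also need to handle full image paths and the `.exe` suffix.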
Active collection
- Search for files
- Determine which hosts are alive
User habit collection
- Desktop information
  C:\Users\username\Desktop
- Download directory
  - Default
    C:\Users\Administrator\Downloads
  - Thunder
    C:\Thunder download
  - Baidu cloud
    C:\BaiduNetdiskDownload
- Favorites and browser-related information
  - IE
    C:\Users\Administrator\Favorites
  - Chrome
    C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default
  - Firefox
    C:\Users\Administrator\AppData\Local\Mozilla\Firefox\Profiles
- Chat information
- System log information
Collect hash
Generally cached passwords
Obtained from lsass.exe
- WCE
- pwdump7
- mimikatz
- QuarksPwDump
Obtained from SAM / SYSTEM
- getpass
- SAMinside