Analizar una captura de una traza de red

Para realizar una captura de una traza de red es necesario ser administrador y ejecutar el comando

Pasado un tiempo se para con el comando

Y se obtienen los siguientes ficheros:

Ficheros obtenidos en un informe generado por netsh trace

Capture a Network Trace without installing anything

1. Open an elevated command prompt and run:

2. Reproduce the issue or do a reboot if you are tracing a slow boot scenario. 3. Open an elevated command prompt and run:

Your trace will be stored in c:\fichero.etl**or where ever you saved it. You can view the trace on another machine using Microsoft Message Analyzer.

Hackear wifi con PowerShell (script en una línea)

Hackear wifi con PowerShell

Windows services (detailed)


Windows Post Exploitation Cmdlets Execution (PowerShell)

Presence This section focuses on information gathering about the victim host and the network that it’s attached to. System





Finding important files

Files to pull

Remote system access


Auto­Start directories

Persistance This section focuses on gaining a foothold to re­gain, or re­obtain access to a system through means of authentication, backdoors, etc.. Download

Compress or expand ZIP archive

Reg command exit

Deleting logs

Uninstalling software “Antivirus”

Invasive or altering commands

Mostrar las contraseñas de todas las conexiones inalámbricas