Closed defendthehoneypot closed 7 years ago
Hey @defendthehoneypot why did you close?
I tried it on a pentest yesterday and realized it had a problem. I had to change the way that the domain admins lookup worked. I am going to test again today and see if it's fixed.
On Wed, Sep 6, 2017 at 05:38 ⭕Alexander Rymdeko-Harvey < notifications@github.com> wrote:
Hey @defendthehoneypot https://github.com/defendthehoneypot why did you close?
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/killswitch-GUI/CobaltStrike-ToolKit/pull/2#issuecomment-327470229, or mute the thread https://github.com/notifications/unsubscribe-auth/AWpMOf0ZsV0532ht418E13mR2iny0kRfks5sfpJTgaJpZM4PMUWo .
-- Doug
I modified the powershell script to search process owners instead of logged on users. The code is a little rough and probably needs some cleanup but it seems to work fine.