In the container that gets deployed, it would be nice to have Responder running in audit-only mode. This would log devices that are actively sending LLMNR, mDNS, and NB-NS requests and allow for admins to evaluate the posture of other systems.
It's probably better to just create a new AsyncSniffer to do this instead of using Responder. Then we can handle the findings however we want in the Python code.
In the container that gets deployed, it would be nice to have Responder running in audit-only mode. This would log devices that are actively sending LLMNR, mDNS, and NB-NS requests and allow for admins to evaluate the posture of other systems.