Download PowerView to the host you compromised.
# launch ps and bypass the execution policy powershell -ep bypass # load powerview . .\PowerView.ps1 # Get infos Get-NetDomain Get-NetDomainController (Get-DomainPolicy)."system access" # look for shares Invoke-ShareFinder # gpo Get-NetGPO
Last updated 11 months ago
