目录
Seatbelt
Seatbelt是一个采用C#写的Windows下信息收集的工具。它从进攻性和防御性安全性角度执行许多面向安全性的主机调查“安全性检查”。
Seatbelt的用法
Available commands (+ means remote usage is supported):
+ AMSIProviders - Providers registered for AMSI
+ AntiVirus - Registered antivirus (via WMI)
AppLocker - AppLocker settings, if installed
ARPTable - Lists the current ARP table and adapter information (equivalent to arp -a)
AuditPolicies - Enumerates classic and advanced audit policy settings
+ AuditPolicyRegistry - Audit settings via