Session Hunter

PsMapExec supports Leo4j's Invoke-SessionHunter. The SessionHunter method identifies systems with privileged or administrative user sessions, checks whether the current or provided user credentials have administrative access, and, if so, continues with command execution.

This is an ideal method through which to filter target acquisition to isolate only the most pertinent targets.

Optional Parameters

Parameter	Value	Description
-SuccessOnly	N/A	Only shows targets successful and relevent results
-Domain	[Domain]	Set the Domain for which to run against
-Command	[Command]	Will execute commands over WMI on candidate systems
-Module	[Module]	Will execute specified modules over WMI on candidate systems

Parameter

Value

Description

-SuccessOnly

N/A

Only shows targets successful and relevent results

-Domain

[Domain]

Set the Domain for which to run against

-Command

[Command]

Will execute commands over WMI on candidate systems

-Module

[Module]

Will execute specified modules over WMI on candidate systems

Usage

# Without command execution
PsMapExec -Targets [Targets] -Method SessionHunter

# With command execution
PsMapExec -Targets [Targets] -Command ipconfig

# With modules
PsMapExec -Targets [Targets] -Module [Module]

Last updated 1 year ago