10. Discovery

Overview

SpecterInsight is designed to make reconnaissance fast, easy, and intuitive, and to provide rich insights.

Performing Host Discovery

Host discovery includes the collection of information about the local system that is relevant to the engagement.

List Host Discovery Techniques

To list the available host discovery techniques, apply a label filter for “host-discovery” in the SpecterScripts panel. This filter will list all of the available techniques that have SpecterScripts.

Insert SpecterScript Into Command Editor

Ensure that the SpecterScript titled “Get System Info via API” is selected in the SpecterScripts Search Panel and then click the “Insert” button. This will insert the contents of the SpecterScript into the Command Editor.

Task the Implant

Task the implant by clicking the “Run in Background” button. This will queue the task for the Specter to execute on the next check-in.

Performing Passive Network Discovery

You can conduct passive enumeration of the network by querying various OS APIs for information about the network that is already stored on the local system. This requires no active enumeration or scanning and sends no packets out to the network.

List Passive Network Discovery Techniques

To list the available passive network discovery techniques, apply a label filter for “passive” and “network-discovery” in the SpecterScripts panel. This filter will list all of the available techniques that have SpecterScripts.

Insert SpecterScript Into Command Editor

Ensure that the SpecterScript titled “Get Connected Networks via API” is selected in the SpecterScripts Search Panel and then click the “Insert” button. This will insert the contents of the SpecterScript into the Command Editor.

If necessary, you can edit the script before you send it.

Task the Specter

Task the implant by clicking the “Run in Background” button. This will queue the task for the Specter to execute on the next check-in.

Performing Active Network Discovery

At some point, you will need to actually generate some packets on the network to fully discover other systems in the environment.

List Active Network Discovery Techniques

To list the available active network discovery techniques, apply a label filter for “active” and “network-discovery” in the SpecterScripts panel. This filter will list all of the available techniques that have SpecterScripts.

Insert SpecterScript Into Command Editor

Ensure that the SpecterScript titled “Port Scan Local Network” is selected in the SpecterScripts Search Panel and then click the “Insert” button. This will insert the contents of the SpecterScript into the Command Editor.

Task the Specter

Task the implant by clicking the “Run in Background” button. This will queue the task for the Specter to execute on the next check-in.

Once the command completes, you will see the results in the Command History Panel. In this case, there were 9 total IP addresses that had at least one open TCP listener.
