A Quick Look at Seatbelt for System Enumeration
I’ve decided to write a few blog posts about tools that Ithink are really cool that not everyone knows about. First up on my list is Seatbeltwhich is part of the GhostPac suite recently released by harmj0y. You can read about harmj0y’s motivations and logic here but suffice to say that sometimes PowerShell is a fantastic choice for your post exploitation needs and sometimes you need to avoid it for opsec or other concerns. Because of this, harmj0y ported some of his favorite PowerShell functionality to C# and GhostPac was born. One of the modules in the project is called Seatbelt which is designed to enumerate information from the local system. harmj0y stated that they’re not releasing binaries for this project in an effort to avoid “brittle” signatures targeting static strings, etc. so you’ll have to compile the tools yourself. You can use the free versions of Visual Studio (2015 or 2017 community editions) and it really couldn’t be easier. You can download the project from here , op...