Recon Center

Recon Center

  • The recon center allows for the tracking of arbitrary metadata by operators on items during the operation.

  • the recon center holds "Entities," and Entity is simply anything with a name and description for example, a user, host, domain, firewall, or whatever

  • Operators can create an entity at any time and then add properties to them. A property is simply an item with a Name, Value, and optional note. for example, this may be a Kerberos ticket for a user, a password, IP address info for a host, or whatever you want to save.

  • All Entities and Properties are replicated to each client for easy metadata/ note sharing.

Seatbelt Integration

  • While still early in the process, the recon center can parse output from Seatbelt, auto create entities and properties for example, the following screenshot shows a corp\vin user who has two token group properties from Seatbelt being run on two different machines in the domain.

Last updated