Recon Center

The recon center allows for the tracking of arbitrary metadata by operators on items during the operation.
the recon center holds "Entities," and Entity is simply anything with a name and description for example, a user, host, domain, firewall, or whatever
Operators can create an entity at any time and then add properties to them. A property is simply an item with a Name, Value, and optional note. for example, this may be a Kerberos ticket for a user, a password, IP address info for a host, or whatever you want to save.
All Entities and Properties are replicated to each client for easy metadata/ note sharing.

While still early in the process, the recon center can parse output from Seatbelt, auto create entities and properties for example, the following screenshot shows a corp\vin user who has two token group properties from Seatbelt being run on two different machines in the domain.

Last updated 1 year ago