windows pentest经验

端口转发

https://technet.microsoft.com/en-us/library/cc731068%28v=ws.10%29.aspx

流量抓取 

netsh trace start capture=yes overwrite=no tracefile=c:\file.etl
netsh trace stop

netmon转换

http://blogs.msdn.com/b/canberrapfe/archive/2012/03/31/capture-a-network-trace-without-installing-anything-works-for-shutdown-and-restart-too.aspx

http://obscuresecurity.blogspot.com/2013/03/capturing-bad-packets-with-netsh.html

你可能感兴趣的:(windows pentest经验)