Para descubrir dispositivos que esten en la misma interfaz nuestra, podemos usar PowerShell, creamos un archivo .ps1 con el siguiente contenido y ejecutamos:
The SysInternals Tools suite is a set of portable Windows applications that can be used to administer Windows systems (for the most part without requiring installation). The tools can be either downloaded from the Microsoft website or by loading them directly from an internet-accessible file share by typing \\live.sysinternals.com\tools into a Windows Explorer window.
Get-WmiObject-Class win32_OperatingSystem Get information about the operating systemicacls <directory> View the permissions set on a directoryicacls c:\users /grant joe:f Grant a user full permissions to a directoryicacls c:\users /remove joe Remove a users' permissions on a directoryNew-Alias -Name "Show-Files" Get-ChildItem Create a new PowerShell aliasGet-ExecutionPolicy -List View the PowerShell execution policySet-ExecutionPolicy Bypass -Scope Process Set the PowerShell execution policy to bypass for the current sessionwmic os list brief Get information about the operating system with wmicGet-MpComputerStatus Check which Defender protection settings are enabledwmic useraccount get name,sid Show Name and SID from system users with wmic
Linux
Privileges
sudo-l
System info
uname-ahostnamelsof-i:4433
Internal hosts
#!/bin/bashfor last_octet in $(seq1254); do IP="172.18.100.$last_octet"timeout1ping-c1"$IP">/dev/null&&echo"IP Activa: $IP"&done; wait
Internal ports
#!/bin/bashIP="172.18.100.21"for port in $(seq165535); do (timeout1bash-c"</dev/tcp/$IP/$port") >/dev/null2>&1&&echo"Puerto Abierto: $IP:$port"&done; wait