Skip to content

noel-kd/AssetHunter_v2.1

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
AssetHunter.ps1
AssetHunter.ps1
 
 
LICENSE
LICENSE
 
 
Launch_Interactive.cmd
Launch_Interactive.cmd
 
 
Launch_Passive.cmd
Launch_Passive.cmd
 
 
README.md
README.md
 
 
clientlist.txt
clientlist.txt
 
 

Repository files navigation

AssetHunter v2.1

Remotely obtain last-user data from online/available systems via remote host event logs.

Author: Kyle Noel

TEST THOROUGHLY BEFORE USE

PREREQUISITES:

  • Application must be run as an admin.
  • RSAT must be installed and sid user attribute must be configured for domain users (should be by default).

Modes:

Passive - Pulls system names from a prefilled list. Ensure relevant system names are listed in .\clientlist.txt before launching. Enter system names into list file, each system on an individual line. Avoid spaces. Example:

ASUS-XXXXXX

DELL-AXXXXX

ASUS-AAAAAA

DESKT-ABABAB

Select Launch_Passive.cmd to launch into Passive Mode.

Interactive - Pulls system names from user input. You will be prompted to enter system name(s), separated by commas if there are more than one. Spaces are okay in this mode.

NOTE: FQDNs are also acceptable and should function exactly the same as standard system names in either mode.

Known bugs

Occasionally a logon event will be found without username information. Timestamp will be recorded but without a name.

Changelog

20250505 - Added MAC address, WINRM status.

About

Remotely obtain last-user data from online/available systems via remote host event logs.

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages