This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Community FAQ
Register | Log In
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Lansweeper Community
- Forums
- Reports & Analytics
- Re: Report Process: Hacker's or admin's tools
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Register to ask a question, start a topic or share an idea
Join the Community
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎12-22-2023 05:37 AM - edited ‎12-22-2023 06:38 AM
I have created report to check processes with hacker's or admin's tools
Select Distinct Top 1000000 tblAssets.AssetID,
tblAssets.AssetUnique,
tblAssets.Domain,
tblAssets.Username,
tblADusers.Displayname,
tblADusers.Department,
tblADusers.Title,
tblADusers.Company,
tblProcesses.ExecutablePath,
tblProcesses.Caption,
tblProcesses.Lastchanged
From tblAssets
Inner Join tblProcesses On tblAssets.AssetID = tblProcesses.AssetID And
Lower(tblProcesses.Caption) In ('adexplorer.exe', 'psexec',
'tasklist.exe', 'hostname.exe', 'systeminfo.exe', 'ver.exe',
'ipconfig.exe', 'netstat.exe', 'ping.exe', 'nslookup.exe', 'nltest.exe',
'net.exe', 'net1.exe', 'reg.exe', 'schtasks.exe', 'at.exe', 'query.exe',
'wscript.exe', 'cscript.exe', 'qwinsta.exe', 'quser.exe', 'netsh.exe',
'wmic.exe', 'mshta.exe', 'curl.exe', 'certutil.exe', 'sc.exe',
'powershell.exe', 'procdump.exe', 'ngrok.exe')
Left Join tblADusers On tblADusers.Username = tblAssets.Username And
tblADusers.Userdomain = tblAssets.Domain
Order By tblAssets.AssetID
It can help detect some types of attacks.
Labels:
- Labels:
-
Finished Reports
2 REPLIES 2
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-05-2024 09:59 PM
Under scanning go to scanned items wait time and enable process scanning. Beware that this can cause your database to grow in size.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-05-2024 07:13 PM
Interesting. Any requirements to setup for the report?
Reports & Analytics
Ask about reports you're interested in and share reports you've created. Subscribe to receive daily updates of reports shared in the Community.
New to Lansweeper?
Try Lansweeper For Free
Experience Lansweeper with your own data. Sign up now for a 14-day free trial.
Try Now