DASHBOARD PAGE
- Add exposure summary that includes new charts that summarize acl risk levels and file exposures by category.
EXPORTS
- New file generated to that includes flags for risk levels, data exposure, read, write, and exploitability. Example: domain.com-Shares-Inventory-Excessive-Privileges-New.csv
CONSOLE OUTPUT
- Replaced top 5 with top $SampleSum
MENU
- Insight section - rename "Top Share Names" to "Share Names"
- Insight section - rename "Top Folder Groups" to "Folder Groups"
- Insight section - rename "Top Share Owners" to "Share Owners"
- Insight section - rename "Group Stats" to "Group ACL Summary"
- Modified titles of associate data insights pages to remove "Data Insights"
- Group ACL Summary
- Share Names (Top $SampleSum)
- Affected Subnets
- Share Owners (Top $SampleSum)
- Folder Groups (Top $SampleSum)
- Move group stats below owners
Feature: interesting files page, added the ability to click the category on the bar chart to filter the interesting files table rows for that category.
DEFAULT PARAMETER
- Changed default share name sample reporting to 200 (That's 100% for most companies)
TOP FOLDER GROUPS PAGE
- Added pagination.
- Added unique share name count column.
- Added column sorting.
- Added search.
TOP SHARE NAME PAGE
- Added pagination.
INTERESTING FILES PAGE
0. All interesting files are now saved to the [domain]-Shares-Interesting-Files.csv file when PowerHuntShares is run.
1. Added interesting files page.
2. Added view total interesting files display.
3. Added bar chart showing interesting file category summary. Note: apexcharts.js requires internet access, but may ship with PowerHuntShares in future versions.
3. Added ability to view uncpaths for interesting files via expandable div.
4. Added ability to filter results with search.
5. Added ability to export uncpaths associated with filtered results to a csv file.
6. Added ability to import a file that allows users to define their work interesting file keywords and categories.
Example: Invoke-HuntSMBShares -OutputDirectory 'c:\temp' -DomainController 'dc1.domain.com' -Username 'domain.com\user' -Password 'YourPassword' -FileKeywordsPath "C:\temp\interesting-files-template.csv"
7. Added template file for interesting file definition: https://raw.githubusercontent.com/NetSPI/PowerHuntShares/main/interesting-files-template.csv
Added similarity score to top share names page. It shows how similar the shares that share the same name are based on folder group, owner, create date, and last mod dates.
