lansweeper-assessmentlisted

# Lansweeper Security Assessment A comprehensive skill for assessing Lansweeper IT asset discovery and inventory platforms during security engagements. This skill covers credential harvesting, secret decryption, AD ACL abuse, and deployment-based code execution. ## When to Use This Skill Use this skill when: - Assessing Lansweeper deployments in Active Directory environments - Attempting to harvest scanning credentials from Lansweeper - Decrypting stored secrets from Lansweeper web.config - Exploiting AD ACLs related to Lansweeper service accounts - Executing code via Lansweeper Deployment packages - Hardening Lansweeper installations against these attack vectors ## Prerequisites - Network access to Lansweeper server or managed endpoints - Compromised credentials with appropriate permissions - Tools: NetExec, BloodHound, BloodyAD, sshesame, SharpLansweeperDecrypt - For decryption: Local access to Lansweeper server - For deployment RCE: Membership in "Lansweeper Admins" group --- ## 1. Harvest Scanning Credentials via Honeypot ### Concept Lansweeper scanning engines authenticate to assets using configured credentials. By creating a Scanning Target pointing to an attacker-controlled host, you can capture these credentials when the scanner attempts to authenticate. ### Setup SSH Honeypot ```bash # Install sshesame (Linux) sudo apt install -y sshesame # Create configuration cat > sshesame.conf << 'EOF' server: listen_address: <YOUR_IP>:2022 EOF # Start honeypot sshe