delorean
/
patdown
2
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

and you better read the README

This commit is contained in:
delorean 2024-02-18 12:43:09 -06:00
parent 110948b745
commit bfd20e8d28
Signed by: delorean
GPG Key ID: 08CFF8565BE941CD
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@ -1,6 +1,6 @@
# patdown
> EDR/XDR (Endpoint Detection & Response) fingerprinting utility useful for predicting defense mechanisms in use on remote systems.
> Predicts and identifies the presence of EDR/XDR solutions on remote networks
<p align="center">
@ -8,7 +8,9 @@
</p>
## Abstract
Patdown probes a network's DNS servers to determine whether they have resolved domains associated with various EDR/XDR solutions.
patdown is an EDR/XDR *(Endpoint Detection & Response)* fingerprinting utility useful for predicting defense mechanisms in use on a network.
This is achieved via probing a network's DNS servers to determine whether they have resolved domains associated with various EDR/XDR solutions.
**Example**: if a network's resolver has `assets-public.falcon.crowdstrike.com` in its cache, chances are the '*CrowdStrike Falcon*' EDR solution is present somewhere on the network.