winpeas update

winPEAS/winPEASexe/README.md

@@ -17,6 +17,7 @@ winpeas.exe #Will execute all checks except the ones that use a CMD
 winpeas.exe cmd #All checks
 winpeas.exe systeminfo userinfo #Only systeminfo and userinfo checks executed
 winpeas.exe notcolor #Do not color the output
+winpeas.exe cmd wait #cmd commands and wait between tests
 ```
 
 ## Basic information
@@ -28,6 +29,8 @@ It should take only a **few seconds** to execute almost all the checks and **som
 By default, the progam **sleeps 100ms** before start searching files in each directory. This is made to consume less resources (**stealthier**). You can **avoid this sleep using `searchfast` parameter**.
 
 
+The tool is based in **[SeatBelt](https://github.com/GhostPack/Seatbelt)**.
+
 ## Where are my COLORS?!?!?!
 
 The **ouput will be colored** using **ansi** colors. If you are executing `winpeas.exe` **from a Windows console**, you need to set a registry value to see the colors (and open a new CMD):
@@ -37,13 +40,12 @@ REG ADD HKCU\Console /v VirtualTerminalLevel /t REG_DWORD /d 1
 
 Below you have some indications about what does each color means exacty, but keep in mind that **Red** is for something interesting (from a pentester perspective) and **Green** is something well configured (from a defender perspective).
 
-The tool is based in **[SeatBelt](https://github.com/GhostPack/Seatbelt)**.
 
 ## Instructions to compile
 
-There was a time when **winpeas.exe was detected as malicious by Defender:(** But not anymore thanks to **dotfuscator**. 
+In order to compile an **ofuscated version** of Winpeas and bypass some AVs you need to ** install dotfuscator ** in *VisualStudio*. 
 
-This means that to **compile winpeas** you will need to **install dotfuscator** in *VisualStudio*. To install it *open VisualStudio --> Go to Search (CTRL+Q) --> Write "dotfuscator"* and just follow the instructions to install it.
+To install it *open VisualStudio --> Go to Search (CTRL+Q) --> Write "dotfuscator"* and just follow the instructions to install it.
 
 To use **dotfuscator** you will need to **create an account** *(they will send you an email to the address you set during registration*).
 

winPEAS/winPEASexe/winPEAS/bin/Release/Dotfuscated/Dotfuscator1.xml

@@ -1,56 +0,0 @@
-<?xml version="1.0" encoding="utf-8" standalone="no"?>
-<!--This config file was generated by Dotfuscator. Please use the Dotfuscator Config Editor to modify.-->
-<!DOCTYPE dotfuscator SYSTEM "http://www.preemptive.com/dotfuscator/dtd/dotfuscator_v2.5.dtd">
-<dotfuscator version="2.3">
-  <global>
-    <option>debugauto</option>
-  </global>
-  <input>
-    <loadpaths />
-    <asmlist>
-      <inputassembly refid="768a09dd-ee73-41a7-ae38-47605691e720">
-        <option>honoroas</option>
-        <option>stripoa</option>
-        <option>library</option>
-        <option>transformxaml</option>
-        <file dir="D:\Users\cpolo\Downloads\privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x86\Release" name="Microsoft.Win32.TaskScheduler.dll" />
-      </inputassembly>
-      <inputassembly refid="1ed2dfdb-58b5-40e9-a602-c2a2d5d50b36">
-        <option>honoroas</option>
-        <option>stripoa</option>
-        <option>library</option>
-        <option>transformxaml</option>
-        <file dir="D:\Users\cpolo\Downloads\privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x86\Release" name="winPEAS.exe" />
-      </inputassembly>
-    </asmlist>
-  </input>
-  <output>
-    <file dir="${configdir}\Dotfuscated" />
-  </output>
-  <renaming>
-    <option>xmlserialization</option>
-    <mapping>
-      <mapoutput overwrite="false">
-        <file dir="${configdir}\Dotfuscated" name="Map.xml" />
-      </mapoutput>
-    </mapping>
-    <referencerulelist>
-      <referencerule rulekey="{6655B10A-FD58-462d-8D4F-5B1316DFF0FF}" />
-      <referencerule rulekey="{7D9C8B02-2383-420f-8740-A9760394C2C1}" />
-      <referencerule rulekey="{229FD6F8-5BCC-427b-8F72-A7A413ECDF1A}" />
-      <referencerule rulekey="{2B7E7C8C-A39A-4db8-9DFC-6AFD38509061}" />
-      <referencerule rulekey="{494EA3BA-B947-44B5-BEE8-A11CC85AAF9B}" />
-      <referencerule rulekey="{89769974-93E9-4e71-8D92-BE70E855ACFC}" />
-      <referencerule rulekey="{4D81E604-A545-4631-8B6D-C3735F793F80}" />
-      <referencerule rulekey="{62bd3899-7d53-4336-8ca2-4e5dbae187d5}" />
-    </referencerulelist>
-  </renaming>
-  <sos mergeruntime="true">
-    <option>version:v4</option>
-    <option>sendanalytics</option>
-    <option>dontsendtamper</option>
-  </sos>
-  <smartobfuscation>
-    <smartobfuscationreport verbosity="all" overwrite="false" />
-  </smartobfuscation>
-</dotfuscator>

winPEAS/winPEASexe/winPEAS/bin/Release/Dotfuscator1.xml

@@ -8,20 +8,20 @@
   <input>
     <loadpaths />
     <asmlist>
-      <inputassembly refid="fafb1980-194e-4899-b247-340974634794">
-        <option>honoroas</option>
-        <option>stripoa</option>
-        <option>library</option>
-        <option>transformxaml</option>
-        <file dir="D:\Users\cpolo\Downloads\privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x86\Release" name="winPEAS.exe" />
-      </inputassembly>
-      <inputassembly refid="78325bae-9b77-4590-be9d-4339a6d843ea">
+      <inputassembly refid="fff711fa-8d12-4b5f-b305-4ab8c99fe3b7">
         <option>honoroas</option>
         <option>stripoa</option>
         <option>library</option>
         <option>transformxaml</option>
         <file dir="D:\Users\cpolo\Downloads\privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x86\Release" name="Microsoft.Win32.TaskScheduler.dll" />
       </inputassembly>
+      <inputassembly refid="3ff1e92f-2dff-4435-8a92-71982586f013">
+        <option>honoroas</option>
+        <option>stripoa</option>
+        <option>library</option>
+        <option>transformxaml</option>
+        <file dir="D:\Users\cpolo\Downloads\privilege-escalation-awesome-scripts-suite-master\winPEAS\winPEASexe\winPEAS\bin\x86\Release" name="winPEAS.exe" />
+      </inputassembly>
     </asmlist>
   </input>
   <output>