5985,5986 - Pentesting winrm
WinRM is short for Windows Remote Management, a protocol for remote management of Windows systems. It provides a secure and standards-based way for administrators to remotely manage Windows servers, workstations, and other resources, either from the command line or through automation tools such as PowerShell.
bruteforce 1 - know: ip - unknow: user/password
bruteforce 2 - know: user/hash - unknow: ip
bruteforce 3 - know: user/hash - unknow: ip
evil-winrm - with password