Credentials
Agents can report back credentials they discover

Example (agent response):

1
{
2
"task_id": "task uuid here",
3
"user_output": "some user output here",
4
"credentials": [
5
{
6
"credential_type": "plaintext",
7
"realm": "spooky.local",
8
"credential": "SuperS3Cr37",
9
"account": "itsafeature"
10
}
11
]
12
}
Copied!

Walkthrough:

The agent can report back multiple credentials in a single response. The credential_type field represents the kind of credential and must be one of the following:
  • plaintext
  • certificate
  • hash
  • key
  • ticket
  • cookie
The other fields are pretty straightforward, but they must all be provided for each credential. There is one optional field that can be specified here: comment. You can do this manually on the credentials page, but you can also add comments to every credential to provide a bit more context about it.
Copy link
Edit on GitHub