Commit

Update README.md
Leo4j authored Nov 3, 2024
1 parent 74615be commit 5321962
Showing 1 changed file with 15 additions and 12 deletions.
27 changes: 15 additions & 12 deletions README.md
@@ -1,7 +1,7 @@
# Invoke-ADEnum
![ADEnum](https://github.com/Leo4j/Invoke-ADEnum/assets/61951374/93fe1fed-6056-4ba0-ae5b-6f3ac4c62ddc)

### Active Directory Enumeration
## Active Directory Enumeration
Invoke-ADEnum is an enumeration tool designed to automate the process of gathering information from an Active Directory environment.

With Invoke-ADEnum, you can enumerate various aspects of Active Directory, including forests, domains, trusts, domain controllers, users, groups, computers, shares, subnets, ACLs, OUs, GPOs, and more.
Expand All @@ -16,7 +16,7 @@ HTML Example_Report generated by Invoke-ADEnum: https://leo4j.github.io/Invoke-A

![ADEnum](https://github.com/Leo4j/Invoke-ADEnum/assets/61951374/67527c9b-330b-4437-8d4d-7b7d5742607e)

### Usage
## Usage

Load the script in memory:

Expand All @@ -36,12 +36,6 @@ Check your targets first, and make sure you stay in scope
Invoke-ADEnum -TargetsOnly
```

Recommended Coverage

```
Invoke-ADEnum -SprayEmptyPasswords -FindLocalAdminAccess -RBCD -UserCreatedObjects -WeakPermissions -MoreGPOs -AllDescriptions
```

Specify a single domain to enumerate and a DC to bind to

```
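Review bot: Removing the standalone "Recommended Coverage" command here means the -SprayEmptyPasswords ... -AllDescriptions flag set now appears in the README only in combination with -LoadFromDisk. State in the new section whether those checks can also be run without an earlier -SaveToDisk pass, or keep a one-line variant without -LoadFromDisk, so a reader who has no saved data knows which command applies.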
Expand All @@ -54,20 +48,29 @@ Exclude out-of-scope domains
Invoke-ADEnum -Exclude "contoso.local,domain.local"
```

Save collection data to disk, then load it from disk and skip collection next time you run (Location: c:\Users\Public\Documents\Invoke-ADEnum)
## Recommended Usage/Coverage

For optimal results, I recommend running Invoke-ADEnum in two phases: an initial quick assessment followed by a more thorough analysis.
Consider saving data to disk during the first pass to avoid redundant data collection on the second pass.

```
Invoke-ADEnum -SaveToDisk
Invoke-ADEnum -SaveToDisk -FindLocalAdminAccess ### Save Location: C:\Users\Public\Documents\Invoke-ADEnum
```

On the second pass, reload the previously saved data from disk and perform more checks, such as Empty-Password Spraying, RBCD, User-Created Objects, Weak Permissions (it may take a very long time to complete depending on domain size), and potentially abusable GPOs.

```
Invoke-ADEnum -LoadFromDisk
Invoke-ADEnum -LoadFromDisk -SprayEmptyPasswords -FindLocalAdminAccess -RBCD -UserCreatedObjects -WeakPermissions -MoreGPOs -AllDescriptions
```

Full Coverage (may take a long time depending on domain size)
## Full Coverage

Run all available checks that Invoke-ADEnum can perform. It can be very time-consuming, especially in large domains.

```
Invoke-ADEnum -AllEnum -Force
```

# Disclaimer

Invoke-ADEnum is intended exclusively for research, education, and authorized testing. Its purpose is to assist professionals and researchers in identifying vulnerabilities and enhancing system security.
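Review bot: The save location given in the first-pass example, C:\Users\Public\Documents\Invoke-ADEnum, sits under the Public profile, which other local users on the host can read by default, and the new text neither says so nor tells the operator to remove the collected data afterwards. Add a sentence on handling and cleaning up the saved data once the second pass is done. The location is also now given only as a trailing "### Save Location" comment inside the code block, where the removed sentence stated it in prose. -FindLocalAdminAccess appears in both the -SaveToDisk and the -LoadFromDisk command: say whether the second pass repeats that check or reuses the saved result, since the stated reason for saving is to avoid redundant collection. Last, "# Disclaimer" is still a level-1 heading while the sections above it are now "##".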