From 54eb099dd4e3a61e131c234b0e26754665f0ad13 Mon Sep 17 00:00:00 2001
From: Kevin Robertson <Kevin-Robertson@users.noreply.github.com>
Date: Mon, 21 Jun 2021 20:56:02 -0400
Subject: Update README.md

---
 README.md | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 8c45d45..efc2949 100644
--- a/README.md
+++ b/README.md
@@ -29,7 +29,7 @@ The C# version of Inveigh contains attacks for the following protocols:
 * [ICMPv6](#ICMPv6) [privileged raw socket]
 * [HTTP](#HTTP) [listener]
 * [HTTPS](#HTTPS) [listener]
-* [SMB] [packet sniffer | listener]
+* [SMB](#SMB) [packet sniffer | listener]
 * [LDAP] [listener]
 * [WebDAV] [listener]
 * [Proxy Auth] [listener]
@@ -428,6 +428,21 @@ Start HTTPS listener on port 443 with Inveigh's default cert
 [+] HTTPS Listener [HTTPAuth NTLM | WPADAuth NTLM | Port 443]
 ...
 ```
+### <a name="SMB"></a>SMB
+Start SMB packet sniffer
+```
+.\Inveigh.exe
+...
+[+] SMB Packet Sniffer [Port 445]
+...
+```
+Start SMB listener on port 445
+```
+.\Inveigh.exe -sniffer n
+...
+[+] SMB Listener [Port 445]
+...
+```
 ## Console
 
 Inveigh contains a console that is accessible while the tool is running (hit escape to enter and exit). The console provides easy access to captured credentials/hashes and other various information. The console's prompt provides real-time updates for cleartext, NTLMv1, and NTLMv2 captue counts in the format of unique:total. Note, the console may be inaccessible when running through C2. 
-- 
cgit v1.2.3