From b76db931dc73df38476940d44c7f50e06f298152 Mon Sep 17 00:00:00 2001 From: Bryan McNulty Date: Tue, 22 Apr 2025 15:21:32 -0500 Subject: Add basic README --- README.md | 51 +++++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 45 insertions(+), 6 deletions(-) (limited to 'README.md') diff --git a/README.md b/README.md index db68d10..2fa4f01 100644 --- a/README.md +++ b/README.md 
@@ -1,8 +1,47 @@ -# goexec -Windows remote execution multitool +# Goexec - Remote Execution Multitool -## WMI +Goexec is a new take on some of the methods used to gain remote execution on Windows devices. Goexec implements a number of largely unrealized execution methods and provides significant OPSEC improvements overall. -### References -- https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmi-classes -- https://learn.microsoft.com/en-us/windows/win32/cimwin32prov/create-method-in-class-win32-process \ No newline at end of file +The original post about Goexec v0.1.0 can be found [here](https://www.falconops.com/blog/introducing-goexec) + +## Usage + +```text +Usage: + goexec [command] [flags] + +Execution Commands: + dcom Execute with Distributed Component Object Model (MS-DCOM) + wmi Execute with Windows Management Instrumentation (MS-WMI) + scmr Execute with Service Control Manager Remote (MS-SCMR) + tsch Execute with Windows Task Scheduler (MS-TSCH) + +Additional Commands: + help Help about any command + completion Generate the autocompletion script for the specified shell + +Logging: + -D, --debug Enable debug logging + -O, --log-file file Write JSON logging output to file + -j, --json Write logging output in JSON lines + -q, --quiet Disable info logging + +Authentication: + -u, --user user@domain Username ('user@domain', 'domain\user', 'domain/user' or 'user') + -p, --password string Password + -H, --nt-hash hash NT hash ('NT', ':NT' or 'LM:NT') + --aes-key hex key Kerberos AES hex key + --pfx file Client certificate and private key as PFX file + --pfx-password string Password for PFX file + --ccache file Kerberos CCache file name (defaults to $KRB5CCNAME, currently unset) + --dc string Domain controller + -k, --kerberos Use Kerberos authentication + +Use "goexec [command] --help" for more information about a command. 
+``` + +## Acknowledgements + +- [@oiweiwei](https://github.com/oiweiwei) for the wonderful [go-msrpc](https://github.com/oiweiwei/go-msrpc) module +- [@RedTeamPentesting](https://github.com/RedTeamPentesting) and [Erik Geiser](https://github.com/rtpt-erikgeiser) for the [adauth](https://github.com/RedTeamPentesting/adauth) module +- The developers and contributors of [Impacket](https://github.com/fortra/impacket) for the inspiration and technical reference -- cgit v1.2.3
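Review bot: the `--ccache` help text in the usage block, `Kerberos CCache file name (defaults to $KRB5CCNAME, currently unset)`, captures the state of the author's shell at the moment the help output was pasted; the "currently unset" part is runtime information emitted by the CLI's help generator and will be wrong for any reader whose `KRB5CCNAME` is set, so trim it to `(defaults to $KRB5CCNAME)` or regenerate the block in an environment where the hint is static. Two smaller points in the same hunk: the removed lines dropped the two Microsoft Learn references for WMI and the `Win32_Process` Create method without carrying them into the new README, so consider keeping a References section next to Acknowledgements rather than losing them, and the sentence `The original post about Goexec v0.1.0 can be found [here](...)` lacks its terminating period. The Usage section also lists the execution commands but gives no build or install step and no example invocation, which a reader landing on the repository needs before the `dcom`, `wmi`, `scmr` and `tsch` commands make sense.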