Hey Arik,
Neat utility here! I have been playing around with it a little this evening and one thing initially had me very confused.
I would just submit a pull request, but I don't really think it's my decision :)
On the first screen you scan for executables that can bypass windows app control and then present a prompt for 'Which Executable to Execute?'. This wording suggests the tool itself is going to execute the code when the number is typed in. However this isn't the case, it simply presents the code for you to then go and execute it later.
By highlighting the text in green and presenting 'take a screenshot' I think many people will interpret that as it possibly 'did' execute and the screenshot is for an audit result like it was 'successful' on the system (I know you wrote POC)
I think just changing the wording to, 'Which executable do you want to generate POC code for?' would remove the confusion for a lot of people that are going to give this a try.
Cheers :)
c0tts
Hey Arik,
Neat utility here! I have been playing around with it a little this evening and one thing initially had me very confused.
I would just submit a pull request, but I don't really think it's my decision :)
On the first screen you scan for executables that can bypass windows app control and then present a prompt for 'Which Executable to Execute?'. This wording suggests the tool itself is going to execute the code when the number is typed in. However this isn't the case, it simply presents the code for you to then go and execute it later.
By highlighting the text in green and presenting 'take a screenshot' I think many people will interpret that as it possibly 'did' execute and the screenshot is for an audit result like it was 'successful' on the system (I know you wrote POC)
I think just changing the wording to, 'Which executable do you want to generate POC code for?' would remove the confusion for a lot of people that are going to give this a try.
Cheers :)
c0tts