# Enumerate remote processes

## Enumerate remote processes

One thing that's to know when pentesting is whether or not a specific process is being run on the server you are targeting. This can now be done via the following option:

```bash
nxc smb 192.168.1.0/24 -u user -p 'PASSWORDHERE' --tasklist
```

Note that by default, NXC will print the entire list of processes running on the remote host. If you want to look for a specific process (hello there keepass.exe) you can fill the process name as a parameter:

```bash
nxc smb 192.168.1.0/24 -u user -p 'PASSWORDHERE' --tasklist keepass.exe
```

## Killing remote processes

We have also added an option allowing you to specify either a process name to remotely kill or a specific PID:

```bash
nxc smb 192.168.1.0/24 -u user -p 'PASSWORDHERE' --taskkill PID
nxc smb 192.168.1.0/24 -u user -p 'PASSWORDHERE' --taskkill process_name.exe
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://www.netexec.wiki/smb-protocol/enumeration/enumerate-remote-processes.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.