Can a backscan be skipped?
Yes, although it is not recommended for numerous reasons, there is a way to install the Stairwell forwarder and bypass the backscan.
Windows
To bypass the initial breach assessment or backscan, add DOSCAN=0 to the command:
.\\InceptionForwarderBundle.exe TOKEN="\<AUTH_TOKEN>" ENVIRONMENT_ID="\<ENV_ID>" DOSCAN=0 /quiet /norestart /log C:\\stairwell.log
If you bypass the initial breach assessment, files will only appear within Inception as they are written, modified, or executed.
Updated 7 months ago