Endpoint Analysis using Windows tool - route

route is a windows utility command prompt tool that is used to display the routing table.

From the standpoint of incident response, network connection on endpoint is an important artifact to detect potential beacon, and having the right tool to quickly extract this artifact is critical for any responder.

You can easily view the routing table of your machine inside the command prompt.

To view, run the following syntax: route print