Windows Privilege Escalation

Introduction

Windows Privilege Escalation

Harvesting Passwords from Usual Spots

Other Quick Wins

Abusing Service Misconfiguration

Abusing Dangerous Privileges

Abusing Vulnerable Software

Tools of the Trade

PEASS-ng/winPEAS at master · peass-ng/PEASS-ngGitHub

GitHub - itm4n/PrivescCheck: Privilege Escalation Enumeration Script for WindowsGitHub

GitHub - bitsadmin/wesng: Windows Exploit Suggester - Next GenerationGitHub

Conclusion

• PayloadsAllTheThings - Windows Privilege Escalation

• Priv2Admin - Abusing Windows Privileges

• RogueWinRM Exploit

• Potatoes

• Decoder's Blog

• Token Kidnapping

• Hacktricks - Windows Local Privilege Escalation