Windows Privilege Escalation - Resources

TL;DR+ WHOAMI?whoami+ CAN I DO SPECIAL THINGS?WHOAMI /PRIV+ SERVICES –> SERVICES AT BOOT & SERVICES RAN THROUGH ICACLS.EXEwmic service get name,startnameNET START+ NETWORK CAPABILITIES? (CHECKS FOR 127)+ SHELL CAPABILITY –> STAGED/NON-STAGED? FORMAT? ARCH? ENCODER? BIND/REVERSE?+ SHELL CAPABILITY –> ENSURE CODE EXEC.+ NETWORK CAPABILITY.NETSTAT -ANOY+ NET USERS (LATERAL MOVEMENT CAPABILITIES?)NET USERSNET LOCALGROUPNET USER <USERNAME> (AM I … Continue reading Windows Privilege Escalation – Resources