whoami /priv whoami /groups
1 2 3 4 5 6 net user net group `domain` net localgroup `local` net localgroup <Group Name> net accounts `domain` net accounts /domain `local`
1 2 3 4 5 6
net user net group `domain` net localgroup `local` net localgroup <Group Name> net accounts `domain` net accounts /domain `local`
Enumerating Installed Applications and Patch Levels wmic product get name, version, vendor List system-wide updates with Win32_QuickFixEngineering (qfe) wmic qfe get Caption, Description, HotFixI...
First, on Windows systems, we should check the status of the \_AlwaysInstallElevated registry setting. If this key is enabled (set to 1) in either HKEY_CURRENT_USER or HKEY_LOCAL_MACHINE, any user ...
WinPeas On Windows, one automated script is WinPeas Windows-Privesc-Check Another automated script is windows-privesc-check, which can be found in the windows-privesc-check We’ll specify the self...
For Privilege Access (Windows)
Kernel Vulnerabilities