windows-privilege-escalation

Provide systematic methodologies for discovering and exploiting privilege escalation vulnerabilities on Windows systems during penetration testing engagements. This skill covers system enumeration, credential harvesting, service exploitation, token impersonation, kernel exploits, and various misconfigurations that enable escalation from standard user to Administrator or SYSTEM privileges. This skill is applicable to execute the workflow or actions described in the overview. - Initial Access : Shell or RDP access as standard user on Windows system - Enumeration Tools : WinPEAS, PowerUp, Seatbelt, or manual commands - Exploit Binaries : Pre-compiled exploits or ability to transfer tools - Knowledge : Understanding of Windows security model and privileges - Authorization : Written permission for penetration testing activities - Privilege Escalation Path : Identified vector to higher privileges - Credential Dump : Harvested passwords, hashes, or tokens - Elevated Shell : Command execution as Administrator or SYSTEM - Vulnerability Report : Documentation of misconfigurations and exploits - Remediation Recommendations : Fixes for identified weaknesses - Kernel exploits may cause system instability - Some exploits require specific Windows versions - AV/EDR may detect and block common tools - Token impersonation requires service account context - Some techniques require GUI access -...