Is this skill safe to use on production systems?

This skill is intended for authorized penetration testing only. Some techniques, particularly kernel exploits, can cause system instability and should be used with extreme caution.

Can this skill help with credential harvesting?

Yes, it provides specific commands for extracting hashes from the SAM and SYSTEM hives, as well as searching for cleartext passwords in configuration files and the registry.

Which versions of Windows are supported?

The methodologies cover a wide range of versions, including legacy systems like Windows 7 and Server 2008, up to modern environments like Windows 11 and Server 2022.

Does this skill require specific third-party tools?

While it includes many manual commands, it also references and provides guidance for popular tools like WinPEAS, PowerUp, Seatbelt, and various Potato exploits.

What is the primary goal of this skill?

The skill provides a structured methodology to escalate user privileges from a standard user account to Administrator or SYSTEM privileges on Windows environments.

Windows Privilege Escalation Guide

Name: Windows Privilege Escalation Guide
Author: claudiodearaujo

byclaudiodearaujo

セキュリティとテスト

Provides systematic methodologies and commands for discovering and exploiting privilege escalation vulnerabilities on Windows systems.

概要

This skill serves as a comprehensive resource for security professionals and penetration testers to elevate privileges from standard user access to Administrator or SYSTEM levels. It provides structured workflows for system enumeration, credential harvesting from SAM and registry hives, and the exploitation of common misconfigurations like unquoted service paths or weak permissions. Additionally, it covers advanced techniques such as token impersonation using 'Potato' attacks and kernel vulnerability identification, making it an essential companion for deep-dive security audits and authorized post-exploitation activities.

主な機能

Kernel exploit identification and vulnerability mapping
Credential harvesting techniques for SAM, registry, and config files
Service exploitation guides for misconfigured paths and permissions
Token impersonation methodologies including Potato attacks
Deep system and network enumeration workflows
0 GitHub stars

ユースケース

Conducting authorized penetration tests on Windows infrastructure
Identifying security misconfigurations during internal system audits
Developing remediation strategies for Windows privilege escalation vectors

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/izacenter windows-privilege-escalation

For use in Claude.ai and ChatGPT

Download Skill

GitHub

概要