Are there any risks involved in using these commands?

Yes, certain kernel exploits can cause system instability or crashes. These techniques should only be used on systems where you have explicit, written authorization to perform security testing.

Which Windows versions are supported by these techniques?

The guide covers a broad range of versions, including legacy systems like Windows 7 and Server 2008, up to modern environments like Windows 10, 11, and Server 2019/2022.

What kind of vulnerabilities does this skill help identify?

It helps identify unquoted service paths, weak service permissions, stored credentials in the registry, vulnerable kernel versions, and insecure token privileges like SeImpersonatePrivilege.

What is the primary purpose of the Windows Privilege Escalation skill?

It provides a structured methodology and specific command syntax for identifying and exploiting misconfigurations to gain higher privileges on Windows systems during authorized security tests.

Does this skill automate the exploitation process?

No, it acts as a knowledge base and guide, providing the necessary PowerShell and CMD commands for a security professional to perform the tasks manually.

Windows Privilege Escalation Guide

Name: Windows Privilege Escalation Guide
Author: claudiodearaujo

byclaudiodearaujo

0•

セキュリティとテスト

Provides systematic methodologies and command references for discovering and exploiting privilege escalation vulnerabilities on Windows systems.

This skill serves as a comprehensive technical manual for security professionals to elevate user privileges from standard accounts to Administrator or SYSTEM on Windows environments. It streamlines the identification of system vulnerabilities by providing exact command syntax for system enumeration, credential harvesting from SAM and registry hives, service misconfiguration exploitation, and advanced token impersonation techniques. Ideal for authorized penetration testers, it covers modern attack vectors like HiveNightmare and various 'Potato' attacks, ensuring a structured approach to post-exploitation and security auditing.

主な機能

010 GitHub stars

02Detailed service exploitation guides for unquoted paths and weak permissions

03Comprehensive system, user, and network enumeration command library

04Credential harvesting workflows for SAM/SYSTEM files and stored passwords

05Token impersonation methodology including JuicyPotato and PrintSpoofer

06Kernel vulnerability identification and exploit reference mapping

ユースケース

01Conducting authorized penetration testing and red teaming engagements

02Performing security audits to identify and remediate local system misconfigurations

03Documenting privilege escalation paths for vulnerability research and reporting

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/izacenter windows-privilege-escalation

For use in Claude.ai and ChatGPT

主な機能

010 GitHub stars

02Detailed service exploitation guides for unquoted paths and weak permissions

03Comprehensive system, user, and network enumeration command library

04Credential harvesting workflows for SAM/SYSTEM files and stored passwords

05Token impersonation methodology including JuicyPotato and PrintSpoofer

06Kernel vulnerability identification and exploit reference mapping

ユースケース

01Conducting authorized penetration testing and red teaming engagements

02Performing security audits to identify and remediate local system misconfigurations

03Documenting privilege escalation paths for vulnerability research and reporting