Is this skill safe to use on production systems?

This skill is intended for authorized penetration testing only. Some techniques, particularly kernel exploits, can cause system instability and should be used with extreme caution.

Can this skill help with credential harvesting?

Yes, it provides specific commands for extracting hashes from the SAM and SYSTEM hives, as well as searching for cleartext passwords in configuration files and the registry.

Which versions of Windows are supported?

The methodologies cover a wide range of versions, including legacy systems like Windows 7 and Server 2008, up to modern environments like Windows 11 and Server 2022.

Does this skill require specific third-party tools?

While it includes many manual commands, it also references and provides guidance for popular tools like WinPEAS, PowerUp, Seatbelt, and various Potato exploits.

What is the primary goal of this skill?

The skill provides a structured methodology to escalate user privileges from a standard user account to Administrator or SYSTEM privileges on Windows environments.

Windows Privilege Escalation Guide

Name: Windows Privilege Escalation Guide
Author: claudiodearaujo

byclaudiodearaujo

0•

安全与测试

Provides systematic methodologies and commands for discovering and exploiting privilege escalation vulnerabilities on Windows systems.

This skill serves as a comprehensive resource for security professionals and penetration testers to elevate privileges from standard user access to Administrator or SYSTEM levels. It provides structured workflows for system enumeration, credential harvesting from SAM and registry hives, and the exploitation of common misconfigurations like unquoted service paths or weak permissions. Additionally, it covers advanced techniques such as token impersonation using 'Potato' attacks and kernel vulnerability identification, making it an essential companion for deep-dive security audits and authorized post-exploitation activities.

主要功能

01Kernel exploit identification and vulnerability mapping

02Credential harvesting techniques for SAM, registry, and config files

03Service exploitation guides for misconfigured paths and permissions

04Token impersonation methodologies including Potato attacks

05Deep system and network enumeration workflows

060 GitHub stars

使用场景

01Conducting authorized penetration tests on Windows infrastructure

02Identifying security misconfigurations during internal system audits

03Developing remediation strategies for Windows privilege escalation vectors

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/izacenter windows-privilege-escalation

For use in Claude.ai and ChatGPT

主要功能

01Kernel exploit identification and vulnerability mapping

02Credential harvesting techniques for SAM, registry, and config files

03Service exploitation guides for misconfigured paths and permissions

04Token impersonation methodologies including Potato attacks

05Deep system and network enumeration workflows

060 GitHub stars

使用场景

01Conducting authorized penetration tests on Windows infrastructure

02Identifying security misconfigurations during internal system audits

03Developing remediation strategies for Windows privilege escalation vectors

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/izacenter windows-privilege-escalation

For use in Claude.ai and ChatGPT