Swissky
80816aee31
PrintNightmare - #385
2021-07-01 14:40:03 +02:00
Swissky
a723a34449
PS Transcript + PPLdump.exe
2021-05-06 18:26:00 +02:00
Swissky
08b59f2856
AD update CME+DCOM
2021-04-21 22:27:07 +02:00
Swissky
f6b9d63bf8
DCOM exploitation and MSSQL CLR
2021-03-24 22:26:23 +01:00
Swissky
bd2166027e
GMSA Password + Dart Reverse Shell
2021-03-24 12:44:35 +01:00
Valentín Blanco
73f6ab940c
Update Windows - Privilege Escalation.md
...
Adding WES-NG which is a great and updated replacement for Windows-Exploit-Suggester.
2021-02-10 15:52:41 +01:00
PinkDev1
93769768e2
Added EoP - $PATH Interception
2021-01-28 19:45:54 +00:00
Swissky
01aadf3a44
Alternate Data Stream
2021-01-13 10:22:59 +01:00
Swissky
19a2950b8d
AMSI + Trust
2020-12-08 14:31:01 +01:00
Gorgamite
f9389d708b
Added winPEAS to windows privilege escalation tool
...
WinPEAS is a really thorough privesc enumeration tool for windows, you can find it here: https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS/winPEASexe
It doesn't auto exploit, but it's rather thorough and effective.
2020-10-29 03:57:40 -07:00
Swissky
5a1ae58a59
Sticky Notes Windows + Cobalt SMB
2020-10-16 11:35:15 +02:00
Swissky
c9be68f0a1
Privilege File Write - Update
2020-10-08 16:51:11 +02:00
Swissky
0df0cc9cf8
Privileged File Write
2020-10-08 16:39:25 +02:00
Swissky
c7e3ea005e
Powershell Remoting
2020-08-09 12:15:56 +02:00
Swissky
ca9326b5fc
Driver Privilege Escalation
2020-07-13 15:00:36 +02:00
Swissky
5323ceb37c
SUDO CVE + Windows Drivers PrivEsc
2020-05-28 11:19:16 +02:00
Swissky
c1731041b5
Misc & Tricks Page + AMSI + Defender
2020-05-16 13:22:55 +02:00
guanicoe
1fc8b57c85
Update Windows - Privilege Escalation.md
...
added Get-Process to list processes
2020-05-03 21:11:01 +00:00
Swissky
5163ef902c
XSS Google Scholar Payload + Skeleton Key Persistence
2020-05-03 16:28:17 +02:00
guenicoe
a3cc577ebd
added cmd on the USOSVC vuln
...
Added `cmd \c C:\Users\nc.exe` as not typing `cmd \c` did not work for me. Might need even more explanation
2020-03-24 20:15:59 +00:00
PixeL
1b190939c4
Remove example from win priv esc
...
This example was used on hackthebox where it leaked the root flag of a machine on free servers.
This resulted in every user being able to get the root flag before they have even completed the box which isn't fair to others.
This example should either be changed or removed completely to combat copy-pasting without knowing what you're doing.
2020-03-23 17:17:42 -05:00
Fanis Katsimpas
2bdbb2dbc5
Update Windows - Privilege Escalation.md
...
Make powershell on EoP - Runas easier to copy paste
2020-03-22 19:25:35 +00:00
Swissky
7cd49769be
WMI + Cobalt Strike
2020-02-13 22:53:45 +01:00
Swissky
fb76fdc331
Windows Firewall + DLL hijacking + Named pipes
2020-02-01 22:12:36 +01:00
Swissky
742c7ee3c2
AppLocker rules
2020-01-06 23:03:54 +01:00
Swissky
b052f78d95
Blacklist3r and Machine Key
2020-01-02 23:33:04 +01:00
Swissky
896e262531
Privilege impersonation and GraphQL SQLi
2019-12-11 16:59:14 +01:00
Swissky
3abaa3e23d
Linux AD - Keyring, Keytab, CCACHE
2019-11-25 23:12:06 +01:00
Swissky
43f185d289
CVE-2019-1322 UsoSvc
2019-11-11 20:31:07 +01:00
Swissky
f6d5221a85
SID history break trust + Powershell history + SCF files
2019-11-07 23:21:00 +01:00
Swissky
357658371f
SSRF URL for Google Cloud
2019-10-06 20:59:58 +02:00
Swissky
5455c30ec7
Juicy Potato + XXE update
2019-09-08 19:44:51 +02:00
Swissky
bb305d0183
Network Discovery - Masscan update
2019-08-29 01:08:26 +02:00
Swissky
6c161f26b2
JWT None alternative + MS15-051
2019-08-22 23:03:48 +02:00
Swissky
8dffb59ac5
Pspy + Silver Ticket + MSSQL connect
2019-08-18 22:24:48 +02:00
Swissky
b6697d8595
SSRF SVG + Windows Token getsystem
2019-08-15 18:21:06 +02:00
Swissky
98124178db
EoP - Juicy Potato
2019-07-26 15:29:34 +02:00
Swissky
f6c0f226af
PXE boot attack
2019-07-25 14:08:32 +02:00
Swissky
a14b3af934
Active Directory - Resource Based Constrained Delegation
2019-07-22 21:45:50 +02:00
Swissky
13ba72f124
GraphQL + RDP Bruteforce + PostgreSQL RCE
2019-07-01 23:29:29 +02:00
Swissky
46780de750
PostgreSQL rewrite + LFI SSH
2019-06-29 19:23:34 +02:00
Swissky
9be62677b6
Add root user + PHP null byte version
2019-06-24 00:21:39 +02:00
Swissky
9745e67465
HQL Injection + references update
2019-06-16 23:45:52 +02:00
Dan Borges
24a05c7098
Update Windows - Privilege Escalation.md
2019-06-11 11:51:09 -07:00
Swissky
a85fa5af28
Local File Include : rce via mail + kadimus
2019-06-10 00:05:47 +02:00
Swissky
5d4f65720a
PrivEsc - Common Exploits
2019-06-09 20:53:41 +02:00
Swissky
adcea1a913
Linux PrivEsc + SSH persistency
2019-06-09 16:05:44 +02:00
Swissky
93f6c03b54
GraphQL + LXD/etc/passwd PrivEsc + Win firewall
2019-06-09 13:46:40 +02:00
Swissky
f88da43e1c
SQL informationschema.processlist + UPNP warning + getcap -ep
2019-05-25 18:19:08 +02:00
Swissky
9c2e63818f
XSS without parenthesis, semi-colon + Lontara
2019-05-15 21:55:17 +02:00