Tools
It is always a safe bet to upload tools to C:\Windows\Temp because the BUILTIN\Users group has write access.
LOLBAS
The goal of the LOLBAS project is to document every binary, script, and library that can be used for Living Off The Land techniques.
Snaffler
Snaffler is a tool for pentesters and red teamers to help find delicious candy needles (creds mostly, but it's flexible) in a bunch of horrible boring haystacks (a massive Windows/AD environment).
Seatbelt
C# project for performing a wide variety of local privilege escalation checks.
WinPEAS
WinPEAS is a script that searches for possible paths to escalate privileges on Windows hosts.
PowerUp
PowerShell script for finding common Windows privilege escalation vectors that rely on misconfigurations. It can also be used to exploit some of the issues found.
SharpUp
C# version of PowerUp. Very useful tool to check for service binaries suffering from weak ACLs.
JAWS
PowerShell script, written in PowerShell 2.0, for enumerating privilege escalation vectors.
SessionGopher
PowerShell tool to find and decrypt saved session info for remote access tools like PuTTY, WinSCP, FileZilla, and RDP.
Watson
.NET tool to identify missing patches and suggest privilege escalation exploits.
LaZagne
Python tool which extracts locally stored passwords from browsers, chat tools, databases, Wi-Fi configs, and more.
Windows Exploit Suggester - NG
Python / PowerShell tool that analyzes the output of Windows' systeminfo to identify OS vulnerabilities, including associated exploits. It supports all Windows versions from XP to Windows 10, including server editions, making it useful for pinpointing specific security weaknesses.
Sysinternals Suite
Includes tools like AccessChk, PipeList, and PsService for system enumeration.