OFFSEC Wiki

LocalPotato

Last modified: 2023-03-18

Privilege Escalation Windows

LocalPotato is a Windows NTLM authentication vulnerability that leads to privilege escalation (CVE-2023-21746).

No content yet.

References

  • https://github.com/decoder-it/LocalPotato
  • https://www.localpotato.com/localpotato_html/LocalPotato.html
  • https://tryhackme.com/room/localpotato
