Windows PE Checklist

Here's a list of things that you can check on a system after gaining initial access in order to privilege escalate,

  1. Who are you

  2. What groups are you part of?

  3. What privileges do you have?

  4. Do you specifically have SeImpersonatePrivilege? The JuicyPotato is the way to go

  5. Are there any backups of SAM & SYSTEM files?

  6. Are there any unquoted program files?

  7. Do you have permission to swap out an executable, then restart the machine or service?

  8. Do you have permission to change the password of another user?

  9. Are there any scheduled tasks that you can manipulate?

  10. Are there any binaries or files in the user's directories?

Last updated