Top 5 scripts for Windows-privesc

Privilege escalation is the process of taking advantage of a bug, a design flaw, or a configuration oversight in an operating system or software program in order to obtain elevated access to resources that are typically guarded from an application or user.

 

1- Windows-privesc-check –

 

It looks for configuration errors that might let local non-privileged users gain access to other users’ accounts or local apps (like databases), or escalate their privileges.

 

It is written in Python and turned into an executable using PyInstaller, so there is no need to unzip Python and other dependencies.

 

It can operate either as a regular user or as an administrator (it performs better as an administrator, since it can read more files).

 

Download link – https://github.com/pentestmonkey/windows-privesc-check 

 

2- Sherlock –

 

A PowerShell script that quickly finds unpatched software affected by local privilege escalation vulnerabilities.

 

 Download link – https://github.com/rasta-mouse/Sherlock 

 

3- Windows Privesc Check (WPC-PS) – 

 

After unsuccessfully attempting to fix the original Windows Privesc Check tool’s code and sobbing uncontrollably, it was decided to look for a more suitable tool. 

 

This is an experiment to implement similar functionality in PowerShell, which has been a part of every Windows installation since Windows 7/Server 2008 R2.

 

Download link – https://github.com/silentsignal/wpc-ps 

 

4- PowerUp – 

 

PowerUp is a trusted and widely used PowerShell script created by PowerShellMafia that helps in finding potential privilege escalation paths and misconfigurations on Windows systems.

 

PowerUp focuses on identifying frequent privilege escalation vectors, including registry errors, unquoted service paths, and weak service permissions. 

 

Security experts can run the script to identify potential flaws and recommend the best course of action for fixing them. 

 

Download link – https://github.com/PowerShellMafia/PowerSploit/blob/master/Privesc/PowerUp.ps1 

 

5- Privesc –

 

A Windows PowerShell script that looks for configuration errors that might result in privilege escalation.

 

Download link – https://github.com/enjoiz/Privesc 

 

 

Note – Before attempting any privilege escalation activities, it is essential to follow ethical hacking best practices and obtain the required authorizations.