search

Tools

Tool
Description

Seatbeltarrow-up-right

C# project for performing a wide variety of local privilege escalation checks

winPEASarrow-up-right

WinPEAS is a script that searches for possible paths to escalate privileges on Windows hosts. All of the checks are explained herearrow-up-right

PowerUparrow-up-right

PowerShell script for finding common Windows privilege escalation vectors that rely on misconfigurations. It can also be used to exploit some of the issues found

SharpUparrow-up-right

C# version of PowerUp

JAWSarrow-up-right

PowerShell script for enumerating privilege escalation vectors written in PowerShell 2.0

SessionGopherarrow-up-right

SessionGopher is a PowerShell tool that finds and decrypts saved session information for remote access tools. It extracts PuTTY, WinSCP, SuperPuTTY, FileZilla, and RDP saved session information

Watsonarrow-up-right

Watson is a .NET tool designed to enumerate missing KBs and suggest exploits for Privilege Escalation vulnerabilities.

LaZagnearrow-up-right

Tool used for retrieving passwords stored on a local machine from web browsers, chat tools, databases, Git, email, memory dumps, PHP, sysadmin tools, wireless network configurations, internal Windows password storage mechanisms, and more

Windows Exploit Suggester - Next Generationarrow-up-right

WES-NG is a tool based on the output of Windows' systeminfo utility which provides the list of vulnerabilities the OS is vulnerable to, including any exploits for these vulnerabilities. Every Windows OS between Windows XP and Windows 10, including their Windows Server counterparts, is supported

Sysinternals Suitearrow-up-right

We will use several tools from Sysinternals in our enumeration including AccessChkarrow-up-right, PipeListarrow-up-right, and PsServicearrow-up-right

hashtag
PowerUp

LogoPowerSploit/Privesc/PowerUp.ps1 at master · PowerShellMafia/PowerSploitGitHubchevron-right
LogoPowerUp: A Usage Guideharmj0ychevron-right

hashtag
SharpUp

LogoGitHub - GhostPack/SharpUp: SharpUp is a C# port of various PowerUp functionality.GitHubchevron-right
LogoGhostpack-CompiledBinaries/SharpUp.exe at master · r3motecontrol/Ghostpack-CompiledBinariesGitHubchevron-right

hashtag
ACEshark

LogoGitHub - t3l3machus/ACEshark: ACEshark is a utility designed for rapid extraction and analysis of Windows service configurations and Access Control Entries, eliminating the need for tools like accesschk.exe or other non-native binaries.GitHubchevron-right

hashtag
WinPEAS

https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS/winPEASexe/winPEAS/bingithub.comchevron-right

hashtag
PrivescCheck

LogoGitHub - itm4n/PrivescCheck: Privilege Escalation Enumeration Script for WindowsGitHubchevron-right
PrivescCheck

hashtag
PrivEsc

LogoGitHub - enjoiz/Privesc: Windows batch script that finds misconfiguration issues which can lead to privilege escalation.GitHubchevron-right

hashtag
Carseat

Python implementation of Seatbelt

LogoGitHub - 0xthirteen/Carseat: Python implementation of GhostPack's Seatbelt situational awareness toolGitHubchevron-right

hashtag
Windows-Exploit-Suggester

LogoGitHub - strozfriedberg/Windows-Exploit-Suggester: This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.GitHubchevron-right

hashtag
WES-NG

LogoGitHub - bitsadmin/wesng: Windows Exploit Suggester - Next GenerationGitHubchevron-right

hashtag
Watson - Exploit Suggester

LogoGitHub - rasta-mouse/Watson: Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilitiesGitHubchevron-right

hashtag
BeRoot

LogoGitHub - AlessandroZ/BeRoot: Privilege Escalation Project - Windows / Linux / MacGitHubchevron-right
BeRoot

hashtag
Pre-compiled Tools

LogoGitHub - r3motecontrol/Ghostpack-CompiledBinaries: Compiled Binaries for GhostpackGitHubchevron-right

hashtag
All Tools from CPTS pre-compiled

LogoFile folder on MEGAmega.nzchevron-right
Windows Privilege Escalation Tools (CPTS) - Mega

Also on my github

LogoGitHub - 0xSs0rZ/Windows_PrivEsc_Tools_precompiledGitHubchevron-right

PreviousWindowsNextCheatsheet

Last updated