EOP Windows Tools and Resources
Last updated
Last updated
Hacktricks .
Best tool to look for privilege escalation .
EOP.
Compiled
is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
CME
PowerShell script Windows privilege escalation vectors that rely on misconfigurations. It can also be used to exploit some of the issues found.
SharpUp is a C# port of various PowerUp functionality
Just Another Windows (Enum) Script.
SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop.
Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities.
Tool used for retrieving passwords stored on a local machine from web browsers, chat tools, databases, Git, email, memory dumps, PHP, sysadmin tools, wireless network configurations, internal Windows password storage mechanisms, and more.
Windows Exploit - Next Generation : WES-NG is a tool based on the output of Windows' systeminfo
utility which provides the list of vulnerabilities the OS is vulnerable to, including any exploits for these vulnerabilities.
enumeration script like to look for missing patches
is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by that GPO.
This is handy for searching out detailed information about Microsoft security vulnerabilities.
For an older OS like Windows Server 2008, we can use an enumeration script like to look for missing patches. We can also use something like .
which will help us quickly find any potential privilege escalation vectors and run them within Metasploit should any module exist.
This has a more detailed listing of the end-of-life dates for Microsoft Windows and other products