22 articles
Learn what LocalAccountTokenFilterPolicy is in Windows, how it affects remote command execution with local administrative accounts, and how to disable it for pentesting purposes.
Detailed explanation of how NTLM authentication works in Windows, including LM and NT hashes, the Net-NTLMv2 process, and techniques like Pass The Hash.
Techniques for escalating privileges in Windows through passwords stored in the registry, configuration files, saved credentials, and SAM hash extraction.
Learn to identify and exploit misconfigured graphical applications in Windows to escalate privileges using GUI exploitation techniques.
Learn what Windows services are, how they work, the different types of privilege escalation related to services, and enumeration techniques with accesschk.exe.
Learn to identify and exploit Windows services with unquoted paths to escalate privileges using Unquoted Service Path techniques.
Learn to escalate privileges on Windows through kernel exploits, vulnerability enumeration, and tools like WESNG and Watson.
Learn how to use Plink.exe, the command-line version of PuTTY, to perform Remote Port Forwarding on older Windows systems without a built-in SSH client.
Learn to perform pivoting and port forwarding on Windows using Netsh, a native utility that allows port tunneling and firewall control.
If you like the content and want to support the project, you can buy me a coffee. Your support helps keep the site active and create more quality content.
Buy me a coffeeThanks for your support 🙏