Privilege Escalation

Primary Access Token Manipulation Windows NamedPipes 101 + Privilege Escalation DLL Hijacking WebShells Image File Execution Options Injection Unquoted Service Paths Pass The Hash: Privilege Escalation with Invoke-WMIExec Environment Variable $Path Interception Weak Service Permissions

PreviousDetecting Sysmon on the Victim Host NextPrimary Access Token Manipulation