Red Teaming Experiments
Red Teaming Experiments
linkedin
github
@spotheplanet
patreon
What is this?
Pinned
Pentesting Cheatsheets
Active Directory & Kerberos Abuse
offensive security
Red Team Infrastructure
Initial Access
Code Execution
Code & Process Injection
Defense Evasion
Enumeration and Discovery
Privilege Escalation
T1134: Primary Access Token Manipulation
Windows NamedPipes 101 + Privilege Escalation
T1038: DLL Hijacking
T1108: WebShells
T1183: Image File Execution Options Injection
Unquoted Service Paths
Pass The Hash: Privilege Escalation with Invoke-WMIExec
Environment Variable $Path Interception
Weak Service Permissions
Credential Access & Dumping
Lateral Movement
Persistence
Exfiltration
reversing, forensics & misc
Windows Kernel / Internals
Exploring Process Environment Block
ETW: Event Tracing for Windows 101
Parsing PE File Headers with C++
Exploring Injected Threads
Dump Virtual Box Memory
AES Encryption Using Crypto++ .lib in Visual Studio C++
Reversing Password Checking Routine
Powered by GitBook

Privilege Escalation

Here are the articles in this section:
T1134: Primary Access Token Manipulation
Defense Evasion, Privilege Escalation by stealing an re-using security access tokens.
Windows NamedPipes 101 + Privilege Escalation
T1038: DLL Hijacking
DLL Search Order Hijacking for privilege escalation, code execution, etc.
T1108: WebShells
Redundant Access - Webshells for evading defenses and persistence.
T1183: Image File Execution Options Injection
Defense Evasion, Persistence, Privilege Escalation
Unquoted Service Paths
Pass The Hash: Privilege Escalation with Invoke-WMIExec
Environment Variable $Path Interception
Weak Service Permissions
Previous
Detecting Sysmon on the Victim Host
Next
T1134: Primary Access Token Manipulation
Last updated 1 year ago