Hacking Windows: Difference between revisions

Find common vulnerabilities and misconfigurations in a windows environment to escalate your privileges: winPEAS

• Living Off The Land Binaries, Scripts and Libraries: https://lolbas-project.github.io
• Living off the land. Evading detection with Sysinternals: https://live.sysinternals.com (\\live.sysinternals.com\tools)
• mimikatz: https://github.com/gentilkiwi/mimikatz/releases
• https://github.com/fortra/impacket
• Disable Defender
• Windows - Using credentials
• Credential Access & Dumping: https://www.ired.team/offensive-security/credential-access-and-credential-dumping
• Lateral Movement: https://www.ired.team/offensive-security/lateral-movement

Active Directory

Active Directory General Tools & resources you may find useful for learning.

See Active Directory for learning resources and tools.

Antivirus & EDR Evasion

• https://s3cur3th1ssh1t.github.io/Bypass_AMSI_by_manual_modification/
• https://s3cur3th1ssh1t.github.io/Customizing_C2_Frameworks/
• https://s3cur3th1ssh1t.github.io/Powershell-and-the-.NET-AMSI-Interface/
• https://www.blackhillsinfosec.com/tag/sacred-cash-cow-tipping/
• https://blog.securityevaluators.com/creating-av-resistant-malware-part-1-7604b83ea0c0
• https://www.ired.team/offensive-security/defense-evasion
• https://www.youtube.com/watch?v=UO3PjJIiBIE
• https://github.com/matterpreter/DefenderCheck
• https://github.com/RythmStick/AMSITrigger
• https://amsi.fail
• https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology and Resources/Windows - AMSI Bypass.md

Persistence

• Windows - Persistence