Windows Privilege Escalation
Purpose
Provide systematic methodologies for discovering and exploiting privilege escalation vulnerabilities on Windows systems during penetration testing engagements. This skill covers system enumeration, credential harvesting, service exploitation, token impersonation, kernel exploits, and various misconfigurations that enable escalation from standard user to Administrator or SYSTEM privileges.
Inputs / Prerequisites
- Initial Access: Shell or RDP access as a standard user on a Windows system
- Enumeration Tools: WinPEAS, PowerUp, Seatbelt, or manual commands
- Exploit Binaries: Pre-compiled exploits or ability to transfer tools
- Knowledge: Understanding of Windows security model and privileges
- Authorization: Written permission for penetration testing activities
Outputs / Deliverables
- Privilege Escalation Path: Identified vector to higher privileges
- Credential Dump: Harvested passwords, hashes, or tokens
- Elevated Shell: Command execution as Administrator or SYSTEM
- Vulnerability Report: Documentation of misconfigurations and exploits
- Remediation Recommendations: Fixes for identified weaknesses
Core Workflow
🧠 Knowledge Modules (Fractal Skills)
1. System Enumeration
2. Credential Harvesting
3. Service Exploitation
4. Token Impersonation
5. Kernel Exploitation
6. Additional Techniques
7. Enumeration Tools
8. Default Writable Folders
9. Common Privilege Escalation Vectors
10. Impersonation Privilege Exploits
11. Operational Boundaries
12. Detection Considerations
13. Legal Requirements
14. Example 1: Service Binary Path Exploitation
15. Example 2: AlwaysInstallElevated Exploitation
16. Example 3: JuicyPotato Token Impersonation
17. Example 4: Unquoted Service Path
18. Example 5: Credential Harvesting from Registry