PrivescCheck: Privilege Escalation Enumeration Script for Windows
PrivescCheck
This script aims to identify Local Privilege Escalation (LPE) vulnerabilities that are usually due to Windows configuration issues, or bad practices. It can also gather useful information for some exploitation and post-exploitation tasks.
Check types
All the checks implemented in PrivescCheck have a Type. This value, and the flags specified on the command line, will determine if they are run, or not.
Base
Checks of type Base will always be executed, unless the script is run as an administrator. They are mainly intended for identifying privilege escalation vulnerabilities, or other important issues.
Extended
Checks of type Extended can only be executed if the option -Extended is specified on the command line. They are mainly intended for providing additional information that could be useful for exploit development, or post-exploitation.
Audit
Checks of type Audit can only be executed if the option -Audit is specified on the command line. They are mainly intended for providing information that is relevant in the context of a configuration audit.
Experimental
Checks of type Experimental can only be executed if the option -Experimental is specified on the command line. These are unstable checks that need further work. Use them with caution.
Download & Use
Copyright (c) 2023, Clément LABRO
