windows-privilege-escalation

star 444

This skill should be used when the user asks to "escalate privileges on Windows," "find Windows privesc vectors," "enumerate Windows for privilege escalation," "exploit Windows misconfigurations," or "perform post-exploitation privilege escalation." It provides comprehensive guidance for discovering and exploiting privilege escalation vulnerabilities in Windows environments.

Dokhacgiakhoa By Dokhacgiakhoa schedule Updated 2/11/2026
play_arrow Run Skill in Manus View GitHub

name: Windows Privilege Escalation description: This skill should be used when the user asks to "escalate privileges on Windows," "find Windows privesc vectors," "enumerate Windows for privilege escalation," "exploit Windows misconfigurations," or "perform post-exploitation privilege escalation." It provides comprehensive guidance for discovering and exploiting privilege escalation vulnerabilities in Windows environments. metadata: author: zebbern version: 4.1.0-fractal

Windows Privilege Escalation

Purpose

Provide systematic methodologies for discovering and exploiting privilege escalation vulnerabilities on Windows systems during penetration testing engagements. This skill covers system enumeration, credential harvesting, service exploitation, token impersonation, kernel exploits, and various misconfigurations that enable escalation from standard user to Administrator or SYSTEM privileges.

Inputs / Prerequisites

  • Initial Access: Shell or RDP access as standard user on Windows system
  • Enumeration Tools: WinPEAS, PowerUp, Seatbelt, or manual commands
  • Exploit Binaries: Pre-compiled exploits or ability to transfer tools
  • Knowledge: Understanding of Windows security model and privileges
  • Authorization: Written permission for penetration testing activities

Outputs / Deliverables

  • Privilege Escalation Path: Identified vector to higher privileges
  • Credential Dump: Harvested passwords, hashes, or tokens
  • Elevated Shell: Command execution as Administrator or SYSTEM
  • Vulnerability Report: Documentation of misconfigurations and exploits
  • Remediation Recommendations: Fixes for identified weaknesses

Core Workflow

🧠 Knowledge Modules (Fractal Skills)

1. 1. System Enumeration

2. 2. Credential Harvesting

3. 3. Service Exploitation

4. 4. Token Impersonation

5. 5. Kernel Exploitation

6. 6. Additional Techniques

7. Enumeration Tools

8. Default Writable Folders

9. Common Privilege Escalation Vectors

10. Impersonation Privilege Exploits

11. Operational Boundaries

12. Detection Considerations

13. Legal Requirements

14. Example 1: Service Binary Path Exploitation

15. Example 2: AlwaysInstallElevated Exploitation

16. Example 3: JuicyPotato Token Impersonation

17. Example 4: Unquoted Service Path

18. Example 5: Credential Harvesting from Registry

Install via CLI
npx skills add https://github.com/Dokhacgiakhoa/antigravity-ide --skill windows-privilege-escalation
Repository Details
star Stars 444
call_split Forks 137
navigation Branch main
article Path SKILL.md
More from Creator
Dokhacgiakhoa
Dokhacgiakhoa Explore all skills →