Links

Checklist

Defenses

  • AMSI
  • CLM
  • AV
  • AppLocker

Lateral Movement

  • LAPS
  • Unconstrained Delegation
  • Constrained Delegation
  • Resource Based Constrained Delegation
  • MSSQL Linked Servers
  • Pass The Hash
  • Relay The Hash
  • Crack the Hash
  • RDP / SharpRDP
  • Web Application
  • Fileless Lateral Movement
  • Mimikatz
  • Proxychains / Autoroute / SSH (Port Forwarding)
  • BloodHound
  • JFROG
  • KEYTAB (Kerberos)
  • SSH
  • Ansible
  • SPOOLSS

Privilege Escalation

Windows

  • PowerUp
  • LinPeas
  • Creds in Config Files
  • SeImpersonation (PrintSpoofer, Spooler, etc.)
  • ShadowCopy
  • Hivenightmare
  • Mimikatz
  • UAC
  • MSSQL
  • Listening Services
  • Kernel

Linux

  • Shared Library
  • Sudo
  • Groups
  • Listening Services
  • Ansible (Unix)
  • lse / Linpeas
  • JFROG

MSSQL

  • Linked Servers
  • Priv Esc
  • Enable Shell
  • Code Exec
  • Relay netv2 hash

Web Application

  • Unrestricted File upload (ASPX)
  • SQL Injection
  • Server Side Template Injection
  • RFI
  • LFI
  • Web Service
  • BruteForce
  • CVE
  • Phishing
  • Code Exec