# Checklist

### Defenses

* [ ] AMSI
* [ ] [CLM](https://github.com/calebstewart/bypass-clm)
* [ ] [AV](https://raw.githubusercontent.com/In3x0rabl3/OSEP/main/Bypass_Defender/FuckDefender.ps1)
* [ ] Applocker

### Lateral Movement

* [ ] LAPS
* [ ] Unconstrained Delegation
* [ ] Constrained Delegation
* [ ] Resource Based Constrained Delegation
* [ ] MSSQL Linked Servers
* [ ] Pass The Hash
* [ ] Relay The Hash
* [ ] Crack the Hash
* [ ] RDP / SharpRDP
* [ ] Web Application
* [ ] Fileless Lateral Movement
* [ ] Mimikatz
* [ ] Proxychains / Autoroute / SSH (Port Fowarding)
* [ ] Bloodhound
* [ ] JFROG
* [ ] KEYTAB (Kerberos)
* [ ] SSH
* [ ] Ansible
* [ ] SPOOLSS

### Privilege Escalation

#### Windows

* [ ] PowerUP
* [ ] LinPeas
* [ ] Creds in Config Files
* [ ] SEimpersonation (PrintSpoofer,Spooler,etc)
* [ ] ShadowCopy
* [ ] Hivenightmare
* [ ] Mimikatz
* [ ] UAC
* [ ] MSSQL
* [ ] Listening Services
* [ ] Kernel

#### Linux

* [ ] Shared Library
* [ ] Sudo
* [ ] Groups
* [ ] Listening Services
* [ ] Ansible (Unix)
* [ ] lse / Linpeas
* [ ] JFROG

### MSSQL

* [ ] Linked Servers
* [ ] Priv Esc
* [ ] Enable Shell
* [ ] Code Exec
* [ ] Relay netv2 hash

### Web Application

* [ ] Unrestricted File upload (ASPX)
* [ ] SQL Injection
* [ ] Server Side Template Injection
* [ ] RFI
* [ ] LFI
* [ ] Web Service
* [ ] BruteForce
* [ ] CVE
* [ ] Phishing
* [ ] Code Exec