Windows Host Analysis.md

Running powershell on blacklisted clients

Powershell without Powershell
https://www.blackhillsinfosec.com/powershell-without-powershell-how-to-bypass-application-whitelisting-environment-restrictions-av/

Stuff to try out

• Test if you can create a scheduled task with admin privilege
• Run > powershell > "-ExecutionPolicy Bypass" it will start a PowerShell session that allows for running scripts and keeps the lowered permissions isolated to just the current running process.

Further information

• Privilege escalation
  ** https://github.com/pha5matis/Pentesting-Guide/blob/master/privilege_escalation_windows.md
  ** https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Privilege%20Escalation.md