Automation Enumeration
WinPEAS
WinPEAS is part of the PEAS (Privilege Escalation Awesome Scripts) suite. It is a script designed to automate the process of finding potential privilege escalation vectors on Windows systems.
Usage:
Download the winpeas.exe file from the repository.
Upload the file to the target system and execute it.
winpeas.exe
The script will provide detailed output regarding misconfigurations, unquoted service paths, installed applications, and more.
Link: WinPEAS
Sherlock
Sherlock is a PowerShell script that scans for known vulnerabilities in the Windows operating system that can be exploited for privilege escalation.
Usage:
Download Sherlock.ps1.
Run it in a PowerShell session with the command:
powershell -ep bypass
.\Sherlock.ps1
The script will identify any exploitable vulnerabilities present in the system.
Link: Sherlock
Watson
Watson is a vulnerability scanner that helps identify vulnerabilities based on the system’s patch level. It’s used to identify missing patches or configurations that could lead to privilege escalation.
Usage:
Download Watson.exe or compile it.
Run the executable on the system:
Watson.exe
Link: Watson
PowerUp
PowerUp is part of PowerSploit, a collection of PowerShell scripts that can be used for post-exploitation. PowerUp specifically looks for privilege escalation opportunities on Windows systems.
Usage:
Download PowerUp.ps1.
Run the script in PowerShell:
powershell -ep bypass .\PowerUp.ps1
PowerUp will scan the system for various weaknesses like service misconfigurations, registry key permissions, etc.
Link: PowerUp
Windows Exploit Suggester
This tool compares the patch level of the target system against the latest security bulletins from Microsoft to suggest potential privilege escalation vulnerabilities.
Usage:
Clone the repository.
Update the database:
./windows-exploit-suggester.py --update
Use the tool to compare the system info:
./windows-exploit-suggester.py --database <db.xls> --systeminfo <sysinfo.txt>
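An added Python example, not code from this page or from Windows Exploit Suggester, showing the kind of comparison described above from a patch-audit point of view: it parses systeminfo output and reports bulletins for which no fixing KB is installed. The sample output, bulletin ids and KB numbers are constructed placeholders, and parse_systeminfo and missing_bulletins are hypothetical names.

```python
import re

# Constructed sample of `systeminfo` output (not taken from a real host).
SAMPLE_SYSINFO = """\
Host Name:                 LAB-WS01
OS Name:                   Microsoft Windows 10 Pro
OS Version:                10.0.19045 N/A Build 19045
Hotfix(s):                 3 Hotfix(s) Installed.
                           [01]: KB9000001
                           [02]: KB9000003
                           [03]: KB9000007
Network Card(s):           1 NIC(s) Installed.
                           [01]: Example Ethernet Adapter
"""

# Constructed baseline: bulletin id -> (affected OS substring, KBs that fix it).
# Ids and KB numbers are placeholders; real data comes from the vendor database.
BASELINE = {
    "EXAMPLE-001": ("Windows 10", {"KB9000001"}),
    "EXAMPLE-002": ("Windows 10", {"KB9000002", "KB9000004"}),  # either KB fixes it
    "EXAMPLE-003": ("Windows Server 2016", {"KB9000005"}),      # other OS, skipped
}


def parse_systeminfo(text):
    """Return (os_name, installed_kbs) parsed from systeminfo text."""
    m = re.search(r"^OS Name:[ \t]*(.+)$", text, re.MULTILINE)
    if not m:
        raise ValueError("no 'OS Name' line; input is not systeminfo output")
    # Hotfix and NIC entries share the "[NN]:" prefix, so require a KB id.
    kbs = re.findall(r"^\s*\[\d+\]:\s*(KB\d+)\s*$", text, re.MULTILINE | re.IGNORECASE)
    return m.group(1).strip(), {kb.upper() for kb in kbs}


def missing_bulletins(text, baseline):
    """List bulletins that apply to this OS and have no fixing KB installed."""
    os_name, installed = parse_systeminfo(text)
    return [
        bulletin
        for bulletin, (affected_os, fixes) in sorted(baseline.items())
        if affected_os.lower() in os_name.lower() and not (fixes & installed)
    ]


if __name__ == "__main__":
    for bulletin in missing_bulletins(SAMPLE_SYSINFO, BASELINE):
        print("no fixing KB installed for", bulletin)
```

A reported gap is a lead to verify against the vendor's update history, since a later cumulative update can supersede the KB a bulletin lists.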