Skip to main content
Windows post-exploitation centres on understanding where you sit in the local and domain privilege hierarchy, then escalating through misconfigs, token abuse, or credential access. These pages cover the core paths.

Privilege Escalation

Service misconfigs, unquoted paths, AlwaysInstallElevated, token impersonation, SeImpersonatePrivilege, and WinPEAS

Post Exploitation

Credential dumping, persistence, AV evasion basics, and lateral movement prep from a Windows foothold

First Things After Shell

Run these immediately on landing to understand your position before escalating: