Getting Access
Hack Responsibly.
Always ensure you have explicit permission to access any computer system before using any of the techniques contained in these documents. You accept full responsibility for your actions by applying any knowledge gained here.
Lateral Movement
PowerShell Remoting
Remote Code Execution with PS Credentials
Import a PowerShell module and execute its functions remotely
Executing Remote Stateful commands
Useful Tools
Powercat: netcat written in PowerShell; provides tunneling, relay and port-forwarding capabilities.
SCShell: fileless lateral movement tool that relies on ChangeServiceConfigA to run commands.
Evil-WinRM: the ultimate WinRM shell for hacking/pentesting.
RunasCs: C# and open version of the Windows built-in runas.exe.