Automated

WinPEAS

C:\> winpeas.exe > outputfile.txt

WinPEAS can be downloaded here.

PrivescCheck

PS C:\> Set-ExecutionPolicy Bypass -Scope process -Force # Bypass execution policy
PS C:\> . .\PrivescCheck.ps1
PS C:\> Invoke-PrivescCheck

PrivescCheck can be downloaded here.

WES-NG: Windows Exploit Suggester - Next Generation

Find exploit on attacking machine.

 systeminfo > systeminfo.txt # Target machine

 wes.py systeminfo.txt

WES-NG is a Python script that can be found and downloaded here.

Others

• PayloadsAllTheThings - Windows Privilege Escalation

• Priv2Admin - Abusing Windows Privileges

• RogueWinRM Exploit

• Potatoes

• Decoder's Blog

• Token Kidnapping

• Hacktricks - Windows Local Privilege Escalation