GenericAll GenericAll : Is a permission that gives full rights to an active directory objects. If you have GenericAll on group object, you can add users to the group. Enumeration PowerView Gene...

Self-Membership Self-Membership : Ability to add yourself to a group. If you have Self-Membership on group, you can add yourself to the group. Enumeration PowerView Self-Membership Enumeration ...

Insecure Service-> Unquoted Service Path Executables in Windows can be run without using their extension (e.g. “whoami.exe” can be run by just typing “whoami”). Some executables take arguments,...

Insecure Service-> Weak Registry Permissions If the registry entries of a service is modifiable by our user, and at thesame time we can stop/start the service , then we can achieve Privilege Es...

Insecure Service Permissions If we can change the configuration of a service, and at thesame time we can stop/start the service , then we can achieve Privilege Escalation if the service runs with ...

Insecure Service Executables If the original service executable is modifiable by our user, and at thesame time we can stop/start the service , then we can achieve Privilege Escalation if the servi...

Insecure GUI Apps On some (older) versions of Windows, users could be granted the permission to run certain GUI apps with administrator privileges. There are often numerous ways to spawn command p...

VNC Virtual Network Computing (VNC) is a graphical desktop-sharing system that uses the Remote Frame Buffer protocol (RFB) to remotely control another computer. It transmits the keyboard and mouse...

Unconstrained delegation This is a feature that a Domain Administrator can set to any Computer inside the domain. Then, anytime a user logins onto the Computer, a copy of the TGT of that user is g...

Telnet Telnet is a networking protocol and software program used to access remote computers and terminals over the Internet or a TCP/IP computer network. It runs on port 23 by default. Enumeratio...