# Domain Privilege Escalation

**Ways of Locally Escalating Privileges on Windows box:**

* Missing patches&#x20;
* Automated deployment and AutoLogon passwords in clear text&#x20;
* AlwaysInstallElevated (Any user can run MSI as SYSTEM)&#x20;
* Misconfigured Services&#x20;
* DLL Hijacking and more&#x20;
* NTLM Relaying a.k.a. Won't Fix

Tools for complete coverage:

* **PowerUp:** <https://github.com/PowerShellMafia/PowerSploit/tree/master/Privesc>
* **Privesc:** <https://github.com/enjoiz/Privesc>
* **winPEAS:** <https://github.com/carlospolop/PEASS-ng/tree/master/winPEAS>&#x20;
* **BeRoot:** <https://github.com/AlessandroZ/BeRoot>
* **FullPowers:** Restore A Service Account's Privileges <https://github.com/itm4n/FullPowers>