This script aims to enumerate common Windows security misconfigurations which can be leveraged for privilege escalation and gather various information which might be useful for exploitation and/or post-exploitation.

I built on the amazing work done by @harmj0y and @mattifestation in PowerUp. I added more checks and also tried to reduce the amount of false positives.

It’s still a Work-in-Progress because there are a few more checks I want to implement but it’s already quite complete. If you have any suggestion (improvements, features), feel free to contact me on Twitter @itm4n.

Read more…