# Windows - [Checklist - PrivEsc](/offsec-notes/readme/windows/privesc.md): Checklist for privilege escalation in Windows - [MSSQL](/offsec-notes/readme/windows/privesc/mssql.md) - [PsExec.exe](/offsec-notes/readme/windows/privesc/psexec.exe.md) - [Build Exploits](/offsec-notes/readme/windows/privesc/build-exploits.md) - [Unquoted Service Paths](/offsec-notes/readme/windows/privesc/unquoted-service-paths.md) - [SeImpersonateToken](/offsec-notes/readme/windows/privesc/seimpersonatetoken.md): SeImpersonateToken or SeAssignPrimaryToken - Enabled - [SeRestorePrivilege](/offsec-notes/readme/windows/privesc/serestoreprivilege.md) - [SeBackupPrivilege](/offsec-notes/readme/windows/privesc/sebackupprivilege.md) - [Abuse GPO](/offsec-notes/readme/windows/privesc/abuse-gpo.md) - [Job with editable file](/offsec-notes/readme/windows/privesc/job-with-editable-file.md) - [AlwaysInstallElevated](/offsec-notes/readme/windows/privesc/alwaysinstallelevated.md) - [Misconfigured LDAP](/offsec-notes/readme/windows/privesc/misconfigured-ldap.md): Exploiting misconfigured LAPS service. - [GMSA](/offsec-notes/readme/windows/privesc/gmsa.md) - [MS17-010](/offsec-notes/readme/windows/privesc/ms17-010.md): EternalBlue MS 17-010 exploiting ways without Metasploit. - [Useful PS Scripts](/offsec-notes/readme/windows/useful-ps-scripts.md) - [GetUserSPNs.ps1](/offsec-notes/readme/windows/useful-ps-scripts/getuserspns.ps1.md) - [Master MDF Hash Extraction](/offsec-notes/readme/windows/useful-ps-scripts/master-mdf-hash-extraction.md) - [Spray-Passwords.ps1](/offsec-notes/readme/windows/useful-ps-scripts/spray-passwords.ps1.md) - [Password Extraction](/offsec-notes/readme/windows/password-extraction.md): In this topic your privilege has to be high privilege. - [Office Macro](/offsec-notes/readme/windows/office-macro.md) - [Microsoft Office](/offsec-notes/readme/windows/office-macro/microsoft-office.md) - [Open Office](/offsec-notes/readme/windows/office-macro/open-office.md) - [Post Exploitation](/offsec-notes/readme/windows/post-exploitation.md): It covers post exploitation steps for movements in AD.