> For the complete documentation index, see [llms.txt](https://cel1s0.gitbook.io/offsec-notes/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://cel1s0.gitbook.io/offsec-notes/readme/windows.md).

# Windows

- [Checklist - PrivEsc](https://cel1s0.gitbook.io/offsec-notes/readme/windows/privesc.md): Checklist for privilege escalation in Windows
- [MSSQL](https://cel1s0.gitbook.io/offsec-notes/readme/windows/privesc/mssql.md)
- [PsExec.exe](https://cel1s0.gitbook.io/offsec-notes/readme/windows/privesc/psexec.exe.md)
- [Build Exploits](https://cel1s0.gitbook.io/offsec-notes/readme/windows/privesc/build-exploits.md)
- [Unquoted Service Paths](https://cel1s0.gitbook.io/offsec-notes/readme/windows/privesc/unquoted-service-paths.md)
- [SeImpersonateToken](https://cel1s0.gitbook.io/offsec-notes/readme/windows/privesc/seimpersonatetoken.md): SeImpersonateToken or SeAssignPrimaryToken - Enabled
- [SeRestorePrivilege](https://cel1s0.gitbook.io/offsec-notes/readme/windows/privesc/serestoreprivilege.md)
- [SeBackupPrivilege](https://cel1s0.gitbook.io/offsec-notes/readme/windows/privesc/sebackupprivilege.md)
- [Abuse GPO](https://cel1s0.gitbook.io/offsec-notes/readme/windows/privesc/abuse-gpo.md)
- [Job with editable file](https://cel1s0.gitbook.io/offsec-notes/readme/windows/privesc/job-with-editable-file.md)
- [AlwaysInstallElevated](https://cel1s0.gitbook.io/offsec-notes/readme/windows/privesc/alwaysinstallelevated.md)
- [Misconfigured LDAP](https://cel1s0.gitbook.io/offsec-notes/readme/windows/privesc/misconfigured-ldap.md): Exploiting misconfigured LAPS service.
- [GMSA](https://cel1s0.gitbook.io/offsec-notes/readme/windows/privesc/gmsa.md)
- [MS17-010](https://cel1s0.gitbook.io/offsec-notes/readme/windows/privesc/ms17-010.md): EternalBlue MS 17-010 exploiting ways without Metasploit.
- [Useful PS Scripts](https://cel1s0.gitbook.io/offsec-notes/readme/windows/useful-ps-scripts.md)
- [GetUserSPNs.ps1](https://cel1s0.gitbook.io/offsec-notes/readme/windows/useful-ps-scripts/getuserspns.ps1.md)
- [Master MDF Hash Extraction](https://cel1s0.gitbook.io/offsec-notes/readme/windows/useful-ps-scripts/master-mdf-hash-extraction.md)
- [Spray-Passwords.ps1](https://cel1s0.gitbook.io/offsec-notes/readme/windows/useful-ps-scripts/spray-passwords.ps1.md)
- [Password Extraction](https://cel1s0.gitbook.io/offsec-notes/readme/windows/password-extraction.md): In this topic your privilege has to be high privilege.
- [Office Macro](https://cel1s0.gitbook.io/offsec-notes/readme/windows/office-macro.md)
- [Microsoft Office](https://cel1s0.gitbook.io/offsec-notes/readme/windows/office-macro/microsoft-office.md)
- [Open Office](https://cel1s0.gitbook.io/offsec-notes/readme/windows/office-macro/open-office.md)
- [Post Exploitation](https://cel1s0.gitbook.io/offsec-notes/readme/windows/post-exploitation.md): It covers post exploitation steps for movements in AD.
