Windows Exploits

Windows Exploit Suggester

./wes.py --update

systeminfo > systeminfo.txt

wes.py systeminfo.txt

Get-HotFix | Sort-Object InstalledOn -Descending

Search DIRECTORY for files that contain STRING

ls -r c:\PATH\TO\DIRECTORY -file | % {Select-String -path $_ -pattern STRING}

Configure a Windows machine as a WPA2-PSK Access Point

netsh wlan set hostednetwork mode=allow ssid=<MYSSID> key=<MYPASSWORD> && netsh wlan start hostednetwork

Configure a TCP port forwarding relay from IPv4 to IPv6

netsh interface portproxy add v4tov6 listenport=<LPORT> listenaddress=0.0.0.0 connectport=<RPORT> connectaddress=<RHOST>

Mount Remote Network Share

net use X: \\IP_Address\c$

Add New User to Current Host

net user <UserName> <Password> /add

Add User to Local Admin Group

net localgroup Administrators <UserName> /add

Enumerate presence of files with SID access of User on ACLs of c:

icacls c:\*. /findsid <UserName> /t /c /l

Python Web Client: download file/webpage to file

import urllib.request; urllib.request.urlretrieve("http://google.com","/google.html")

Python Web Server: serve up current directory on port 8000

-m http.server 8000

Last updated 2 years ago