Windows Privilege Escalation

🌐 Community
by zebbern · vlatest · Repository

This skill automates Windows privilege escalation techniques, streamlining reconnaissance and potentially bypassing security controls for advanced analysis.

Install on your platform

1. Run in terminal (recommended)

claude mcp add zebbern-windows-privilege-escalation npx -- -y @trustedskills/zebbern-windows-privilege-escalation

2. Or manually add to ~/.claude/settings.json

{
  "mcpServers": {
    "zebbern-windows-privilege-escalation": {
      "command": "npx",
      "args": [
        "-y",
        "@trustedskills/zebbern-windows-privilege-escalation"
      ]
    }
  }
}

Requires Claude Code (claude CLI). Run claude --version to verify your install.

About This Skill

What it does

This skill enables AI agents to analyze Windows systems for misconfigurations and vulnerabilities that allow escalation from lower privileges to SYSTEM or Administrator rights. It automates the discovery of unpatched vulnerabilities, weak service configurations, and token manipulation techniques specific to the Windows operating system.

When to use it

  • Post-exploitation analysis: After gaining initial access via phishing or brute force, verify if you can elevate to full control.
  • Red teaming simulations: Test defense-in-depth strategies by attempting to bypass User Account Control (UAC) restrictions.
  • Vulnerability assessment: Identify unpatched software versions or disabled security features like PatchGuard that agents could exploit.
  • Incident response: Determine the scope of compromise when an attacker has a low-level token on a critical server.

Key capabilities

  • Scans for known Windows privilege escalation vectors (e.g., Service0, PrintNightmare).
  • Checks for misconfigured services with high privileges running under standard user accounts.
  • Identifies unpatched vulnerabilities in installed applications and drivers.
  • Detects weak token manipulation opportunities via impersonation or duplication.

Example prompts

  • "Scan this Windows environment for privilege escalation paths from a standard user account."
  • "Identify any unpatched services or drivers that could allow SYSTEM-level access."
  • "Analyze the current user's token and suggest methods to escalate privileges if possible."

Tips & gotchas

Ensure you have explicit authorization before running this skill on production systems, as it may trigger security alerts or violate compliance policies. This tool is designed for defensive testing; misuse can lead to legal consequences and system instability.

TrustedSkills Verification

Unlike other registries that point to live repositories, TrustedSkills pins every skill to a verified commit hash. This protects you from malicious updates — what you install today is exactly what was reviewed and verified.

Security Audits

Gen Agent Trust Hub: Pass
Socket: Pass
Snyk: Pass

Details

Version: vlatest
License:
Author: zebbern
Installs: 28

Passed automated security scans.