Table of contents oscp-cpts-notes Pivoting & Tunneling Local Port Forwarding Remote Port Forwarding Dynamic Port Forwarding Ligolo-ng Linux Privilege Escalation Gathering Information of the System Capabilities Group Based SUID Privilege Escalation Cron Job Exploiting NFS weak Permission Sudo + LD_PRELOAD (Shared Libraries) Shared Object Manipulation Python Library Hijacking Windows Privilege Escalation Gathering Information of the System User Privileges SeImpersonatePrivilege and SeAssignPrimaryToken SeDebugPrivilege SeTakeOwnershipPrivilege Group Privileges Backup Operators DnsAdmins Server Operators Always Install Elevated Print Operators Event Log Readers Hyper-V Administrators Credential Theft Active Directory Attacks Enumeration Initial Foothold Gathering Users & Password Policies Password Spraying