Abuse SilentCleanup Task

Overview of Abuse SilentCleanup Task There’s a task in Windows Task Scheduler called “SilentCleanup” which, while it’s executed as Users, automatically runs with elevated privileges. When it runs, it executes the file “%windir%\system32\cleanmgr.exe”. Since it runs as Users, and its possible to control user’s […]

PowerSploit PsExec for PowerShell

Overview of PowerSploit PsExec PowerSploit PowerShell script (Invoke-PsExec.ps1) from Empire is a function (cmdlet) that lets you execute PowerShell and batch/cmd.exe code asynchronously on target Windows computers, using PsExec.exe.   References https://github.com/EmpireProject/Empire/blob/master/data/module_source/lateral_movement/Invoke-PsExec.ps1   Request Access to Use Case Repository