Share
## https://sploitus.com/exploit?id=A1AC1CFF-2DB0-538E-85E8-4EE14DE43475
It is an offensive tool for Windows privilege escalation checking. 

The tool, windows-privesc-check, is a standalone executable that runs on Windows systems, attempting to find misconfigurations that could allow local unprivileged users to escalate privileges to other users or access local apps. It is written in Python and converted to an executable using pyinstaller. The tool can run either as a normal user or as Administrator, with the latter providing more capabilities due to increased access to files and registry entries.

The tool's primary function is to identify potential privilege escalation vectors, such as reconfiguring Windows Services, replacing service executables with weak file permissions, and modifying the registry. It generates reports in HTML, TXT, and XML format.

The tool is designed to be useful for both pentesters and auditors, with a focus on performing as many checks as possible without requiring Administrator rights. However, its effectiveness is inherently limited when run as a low-privileged user due to restricted access to certain parts of the registry and file system.

The tool's code is available in the wpc directory, with the main Python script being windows-privesc-check.py. The tool's configuration is stored in wpc/conf.py, which includes issue templates and supporting data definitions.

The tool can be built into an executable using py