43 Methods for Privilege Escalation (Part 3)
Dump lsass with SilentProcessExit Domain: No Local Admin: Yes OS: Windows Type: Enumeration & Hunting Methods: SilentProcessExit.exe pid Lsass Shtinkering Domain: No Local Admin: Yes OS: Windows Type: Enumeration & Hunting Methods: HKLM\SOFTWARE\Microsoft\Windows\Windows Error Reporting\LocalDumps->2 LSASS_Shtinkering.exe pid AndrewSpecial Domain: No Local Admin: Yes OS: Windows Type: Enumeration & Hunting Methods: AndrewSpecial.exe CCACHE ticket reuse from …