SeImpersonatePrivilege

A practical, ordered checklist for Windows local privilege escalation during labs, CTFs, and authorised internal testing.

Active Directory machine demonstrating NTLM hash capture through a writable SMB share, Kerberoasting, MSSQL Silver Ticket abuse, and SeImpersonatePrivilege escalation.

Active Directory machine demonstrating NTLM hash capture, SMB abuse, password reuse, IIS pivoting, and SeImpersonatePrivilege escalation.

Windows machine demonstrating phishing through a malicious LibreOffice document, IIS web root abuse, SeImpersonatePrivilege, and local administrator access through GodPotato and RunasCs.