SKILL: Windows Local Privilege Escalation — Expert Attack Playbook

AI LOAD INSTRUCTION: Expert Windows privesc techniques. Covers token manipulation, Potato family, service misconfigurations, DLL hijacking, AlwaysInstallElevated, scheduled task abuse, registry autoruns, and named pipe impersonation. Base models miss nuanced privilege prerequisites and OS-version-specific constraints.

0. RELATED ROUTING

Before going deep, consider loading:

• windows-lateral-movement after escalation for pivoting to other hosts
• windows-av-evasion when AV/EDR blocks your privesc tools
• active-directory-kerberos-attacks when the host is domain-joined and you need AD-level escalation
• active-directory-acl-abuse for domain privilege escalation via ACL misconfigurations

Advanced Reference

Also load TOKEN_POTATO_TRICKS.md when you need:

• Detailed Potato family comparison (JuicyPotato → GodPotato evolution)
• OS-version-specific exploit selection
• Required privileges and protocol details per variant