# Misc

- [Reverse shell trick](/building-a-windows-ad-lab/vulnerabilities-and-misconfigurations-and-attacks/misc/reverse-shell-trick.md)
- [Lateral Movement](/building-a-windows-ad-lab/vulnerabilities-and-misconfigurations-and-attacks/misc/lateral-movement.md)
- [PSRemoting](/building-a-windows-ad-lab/vulnerabilities-and-misconfigurations-and-attacks/misc/lateral-movement/psremoting.md)
- [PsExec (todo)](/building-a-windows-ad-lab/vulnerabilities-and-misconfigurations-and-attacks/misc/lateral-movement/psexec-todo.md)
- [Misconfigured Service (todo)](/building-a-windows-ad-lab/vulnerabilities-and-misconfigurations-and-attacks/misc/misconfigured-service-todo.md)
- [Unqouted Service Path](/building-a-windows-ad-lab/vulnerabilities-and-misconfigurations-and-attacks/misc/misconfigured-service-todo/unqouted-service-path.md): We will create a service with a Unquoted Service Path to escalate privileges from a low privileges user account to SYSTEM.
- [Discovering Shares](/building-a-windows-ad-lab/vulnerabilities-and-misconfigurations-and-attacks/misc/page-3.md)
- [Password on shares](/building-a-windows-ad-lab/vulnerabilities-and-misconfigurations-and-attacks/misc/page-3-1.md)
- [Different methods of dumping credentials](/building-a-windows-ad-lab/vulnerabilities-and-misconfigurations-and-attacks/misc/different-methods-of-dumping-credentials.md)
- [LSASS (todo)](/building-a-windows-ad-lab/vulnerabilities-and-misconfigurations-and-attacks/misc/different-methods-of-dumping-credentials/lsass-todo.md)
- [Dumping DPAPI](/building-a-windows-ad-lab/vulnerabilities-and-misconfigurations-and-attacks/misc/different-methods-of-dumping-credentials/page-3.md): DPAPI stands for Data Protection API. Which is used by windows to securely save credentials.
- [Browser passwords](/building-a-windows-ad-lab/vulnerabilities-and-misconfigurations-and-attacks/misc/different-methods-of-dumping-credentials/page-3/page-3.md)
- [Scheduled tasks (todo)](/building-a-windows-ad-lab/vulnerabilities-and-misconfigurations-and-attacks/misc/different-methods-of-dumping-credentials/scheduled-tasks-todo.md)
- [Services (todo)](/building-a-windows-ad-lab/vulnerabilities-and-misconfigurations-and-attacks/misc/different-methods-of-dumping-credentials/services-todo.md): It's possible to create custom services, which will run with a local or a domain account. When you have high enough privilege's, it's possible to retrieve the credentials of the service.
- [Vssadmin Shadow Copy](/building-a-windows-ad-lab/vulnerabilities-and-misconfigurations-and-attacks/misc/different-methods-of-dumping-credentials/page-3-1.md)
- [ms-ds-machineaccountquota (todo)](/building-a-windows-ad-lab/vulnerabilities-and-misconfigurations-and-attacks/misc/page-3-2.md)
- [add DNS Records (todo)](/building-a-windows-ad-lab/vulnerabilities-and-misconfigurations-and-attacks/misc/page-3-3.md)
- [Bypassing UAC](/building-a-windows-ad-lab/vulnerabilities-and-misconfigurations-and-attacks/misc/page-3-4.md)