--- title: Windows 10 Client Audit date: 2021-01-13 categories: [checklists] tags: [ windows, hardening] --- # Checkliste Windows 10 Client Audit ## Windows 10 Boot * [ ] BIOS Password * [ ] Secure Boot * [ ] Boot Order * [ ] Intel AMT Default Password ## Windows GPOS best Practices * [ ] TBD ## Windows Privilege Escalation * [ ] %WINDIR%\Panther\Unattended.xml * [ ] Unquoted Service Paths * [ ] Wrong service permissions * [ ] Wrong service executable permissions * [ ] Group Policy Preferences * [ ] AlwaysIntallElevated * [ ] AutoLogon Password in registry * [ ] DLL Load Order Highjacking * [ ] Missing Hotfixes * [ ] Hardcoded credentials in config files/scripts. * [ ] Sticky Keys ## Third Part Tools * [ ] Old Versions/Vulnerable Versions * [ ] Hardcoded Credentials in config files/Scripts. * [ ] Reversing the Software ## Windows 0day hunting * [ ] Advanced LPC Calls * [ ] scheduled tasks 0day ## Common Tools * Powersploit * Empire * IDA * MeshCommander (Intel AMT) * PowerUp.ps1 * Mimikatz * Sysinternals * accesschk.exe * procmon.exe * taskmon.exe * ...