---
title: Windows 10 Client Audit
categories: [checklists]
tags: [ windows, hardening]
---

# Checkliste Windows 10 Client Audit

## Windows 10 Boot

* [ ] BIOS Password
* [ ] Secure Boot
* [ ] Boot Order
* [ ] Intel AMT Default Password


## Windows GPOS best Practices

* [ ] TBD


## Windows Privilege Escalation

* [ ] %WINDIR%\Panther\Unattended.xml
* [ ] Unquoted Service Paths
* [ ] Wrong service permissions
* [ ] Wrong service executable permissions
* [ ] Group Policy Preferences
* [ ] AlwaysIntallElevated
* [ ] AutoLogon Password in registry
* [ ] DLL Load Order Highjacking
* [ ] Missing Hotfixes
* [ ] Hardcoded credentials in config files/scripts.
* [ ] Sticky Keys


## Third Part Tools

* [ ] Old Versions/Vulnerable Versions
* [ ] Hardcoded Credentials in config files/Scripts.
* [ ] Reversing the Software


## Windows 0day hunting

* [ ] Advanced LPC Calls
* [ ] scheduled tasks 0day


## Common Tools

* Powersploit
* Empire
* IDA
* MeshCommander (Intel AMT)
* PowerUp.ps1
* Mimikatz
* Sysinternals
    * accesschk.exe
    * procmon.exe
    * taskmon.exe
    * ...