So I am working on my second attempt at the OSCP and as I’m working through the labs I’ve realized I have a real lack of knowledge on how to really pillage a windows machine after gaining System. Linux I’m solid, backdoors, exporting keys/passwords, altering firewall rules, etc. I know what sort of control I can make use of and how to go about doing it.
Do any of you have some good resources on what you’d immediately start looking for/uploading/running/etc. on a windows machine once you’ve completely gained control of it? Since most of my experience is with HTB/OSCP labs I don’t really have a need for the follow-through but I’d like to start learning what I can do specifically from powershell/cmd (meterpreter makes some of these things easy, so without that) CLI.
If you’ve got a mind-map of steps you initially set up and tools used post-exploitation I’d love to see it, or even just some resources on it as anything I google for that topic just comes up with priv-esc techniques.