A lightweight, GUI-based Windows privilege escalation enumeration tool written in PowerShell. It provides a user-friendly graphical interface with categorized tabs for each check — making it easier to visually inspect privilege escalation vectors without digging through overwhelming console output.
A quick look at the clean tabbed UI and categorized findings
- High integrity check
- Group membership (admin or not)
- Token privileges
- Local admins
- Unquoted service paths
- Writable folders in PATH
- Writable directories in Program Files
- AlwaysInstallElevated
- Scheduled tasks (basic & suspicious)
- Autoruns (HKCU, HKLM, Registry)
- Wi-Fi passwords
- Credential Manager creds
- PowerShell history
- Defender exclusions
- Startup apps
- UAC settings
- SYSTEM processes
- Environment variables
- Mapped/mounted drives
- And many more…
No installation required. Just:
- Download the
WinGUIEnum.cmdfile. - Double-click it.
- Click Run Scan
- Sit back and watch the magic.
If SmartScreen or AV flags it, rest assured — the tool is safe and open source. Just allow it or run in a lab environment.
Built by @n4bm