# SysInternals

## Sysinternal Tools

* [ADExplorer](https://learn.microsoft.com/en-us/sysinternals/downloads/adexplorer)
  * [TrustedSec Writeup](https://trustedsec.com/blog/adexplorer-on-engagements)
* [AccessChk](https://learn.microsoft.com/en-us/sysinternals/downloads/accesschk)
* [Autoruns](https://learn.microsoft.com/en-us/sysinternals/downloads/autoruns)
* [AccessEnum](https://learn.microsoft.com/en-us/sysinternals/downloads/accessenum)
* [PsExec](https://learn.microsoft.com/en-us/sysinternals/downloads/psexec)
* [PsFile](https://learn.microsoft.com/en-us/sysinternals/downloads/psfile)
* [ShareEnum](https://learn.microsoft.com/en-us/sysinternals/downloads/shareenum)

## Tools to use without Creds

* AD-Explorer
* Autoruns
* AccessChk
* AccessEnum
* ShareEnum
* PsFile

## Tolls to use With Creds

* Sharphound
* Powerview
* Active Directory Certificate Services (AD CS)
* Kerboasting or AESPRoating
* DACL Attack