From af3be40d54709e1a2e3cd2b52a7c8ea0635cf3f5 Mon Sep 17 00:00:00 2001 From: ARZ <60057481+AbdullahRizwan101@users.noreply.github.com> Date: Wed, 17 Mar 2021 23:43:59 +0500 Subject: [PATCH] Update Cheat Sheet.md --- Cheat Sheet.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/Cheat Sheet.md b/Cheat Sheet.md index 198a01e..196ac0c 100644 --- a/Cheat Sheet.md +++ b/Cheat Sheet.md @@ -249,6 +249,12 @@ If this is enabled we can upload `Printspoofer.exe ` and place it if we have rig `PrintSpoofer.exe -i -c powershell.exe` +### Becoming NT\AUTHORITY (If user is in local administrators group) + +If the system has `PsExec.exe` open elevated cmd + +`.\PsExec.exe -i -s cmd.exe` + ### Active Directory `powershell -ep bypass` load a powershell shell with execution policy bypassed
`. .\PowerView.ps1` import the PowerView module
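Review bot: the added heading `### Becoming NT\AUTHORITY (If user is in local administrators group)` does not name a real account. The `-s` switch on the next added line runs the process as the System account, so the heading should read `NT AUTHORITY\SYSTEM`. The added sentence "If the system has `PsExec.exe` open elevated cmd" runs the condition and the step together and leaves the flags unexplained. Suggest "If `PsExec.exe` is available, open an elevated cmd prompt and run:", followed by a short gloss that `-s` runs as System and `-i` makes the session interactive, in the same "command, then description" style as the `powershell -ep bypass` context line. It would also help to say in the body that the elevated prompt is why the heading requires local administrators group membership, since the two preconditions are currently stated separately.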