itm4n's Priv Esc Check Script which has been decoded and unzipped. Why? Dont want to blindly run Obfuscated PowerShell Scripts from GitHub on a Corporate Network do we?
Original Script - https://github.com/itm4n/PrivescCheck
For UK Pentesters, if running Build Reviews for ITHCs, this used alongside Nessus or whatever you are using is awesome.
Great Report Layout aswell.
Im quite confident it is, I've looked through the code and also put it through https://app.any.run/
itm4n is quite well known in the industry with some great blogs etc - https://itm4n.github.io/. The repo is maintained and has over 2k stars.
It has no external connections or http requests
And the only potentially "malicious" activity is some registry queries and powershell version downgrade
If I notice itm4n has updated his script, ill update this one. - #EDIT This is a lie, I dont have time