Overview

This document contains a list of interesting files on Windows which may be helpful when looking to perform privilege escalation on a Windows system.

Filenames and foldernames containing…

install
backup
git
ssh
vpn
ftp
vnc
id_rsa
id_dsa
passw
.aws
.azure
gcloud
htaccess
htpasswd

File extensions

.bak
.log
.cmd
.vbs
.cnf
.conf
.config
.ini
.xml
.txt
.gpg
.pgp
.p12
.der
.csr
.cer
.kdbx
.db
.docx
.doc
.xls
.xlsx
.csv
.db
.sql

Specific filenames

unattend.xml
Unattended.xml
sysprep.inf
sysprep.xml
VARIABLES.dat
setupinfo
setupinfo.bak
web.config
SiteList.xml
credentials
accessTokens.json
azureProfile.json
credentials.db
legacy_credentials
access_tokens.db