E5 - Windows Vulnerabilities

Knowledge of remote windows vulnerabilities, particularly those for which robust exploit code exists in the public domain. Knowledge of local windows privilege escalation vulnerabilities and techniques. Knowledge of common post exploitation activities: • obtain password hashes, both from the local SAM and cached credentials • obtaining locally-stored clear-text passwords • crack password hashes • check patch levels • derive list of missing security patches • reversion to previous state