SigmaPotato is a SeImpersonate privilege escalation tool for Windows 8 through 11 and Windows Server 2012 through 2022. It enhances the original GodPotato project with improved PowerShell support and user experience. Key features include:
- Execution from memory via .NET reflection (local and remote).
- Built-in PowerShell reverse shell functionality.
- Bypassing the 1024 character limit for PowerShell commands.
- Streamlined tool usage with implied variables.
- Enhanced visual formatting of PowerShell process output.
- Error output verbosity with suggestions for common errors.
- Rudimentary AV heuristics bypass.
It targets penetration testers and red teamers needing to escalate privileges on Windows systems.
