Microsoft includes the Antimalware Scan Interface (AMSI) in recent versions of Windows to prevent malicious code from being executed on the local system. If you have compromised a Windows operating system, executing PowerShell scripts can be very helpful, but AMSI will block anything it identifies as malicious. To disable AMSI in the current PowerShell process, execute the following PowerShell script:
"[Ref].Assembly.GetType('System.Management.Automation.AmsiUtils').GetField('amsilnitFailed','NonPublic,Static').SetValue($null,$true)"
The following screenshot shows the successful execution of the script on a Windows 10 operating system:
At this point, you can run almost any malicious code on your victim's Windows machine.
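From the defender's side, where PowerShell Script Block Logging is enabled, the text of this one-liner is recorded in event ID 4104 and can be matched there. The following Python detector is an added example, not code from the original text; the sample records are constructed, and the names `normalize`, `classify` and `scan` are hypothetical.

```python
import re

# Constructed ScriptBlockText values, shaped like the text field of 4104 events.
SAMPLE_BLOCKS = [
    # The one-liner as printed on this page.
    "[Ref].Assembly.GetType('System.Management.Automation.AmsiUtils')"
    ".GetField('amsilnitFailed','NonPublic,Static').SetValue($null,$true)",
    # Same call with its string literals concatenated, which an
    # exact-string match on the log would miss.
    "$t=[Ref].Assembly.GetType('System.Management.Automation.Am'+'siUtils');"
    "$t.GetField('amsiln'+'itFailed','NonPublic,Static').SetValue($null,$true)",
    # An analyst searching scripts for the type name: one indicator only.
    "Select-String -Pattern 'AmsiUtils' -Path .\\*.ps1",
    # Routine administration.
    "Get-ChildItem C:\\Logs | Where-Object { $_.Length -gt 1MB }",
]

CONCAT = re.compile(r"""['"]\s*\+\s*['"]""")  # the '+' joint between two literals
INDICATORS = {
    "AmsiUtils type reference": re.compile(r"amsiutils"),
    # Tolerates I/l/1 look-alikes, including the spelling printed above.
    "init-failed field reference": re.compile(r"amsi[il1]nitfailed"),
    "write to a non-public field via reflection":
        re.compile(r"getfield\([^)]*nonpublic[^)]*\).*setvalue\(", re.S),
}

def normalize(text):
    """Drop backtick escapes, join concatenated literals, lowercase."""
    return CONCAT.sub("", text.replace("`", "")).lower()

def classify(text):
    """Return (verdict, matched indicator names) for one script block."""
    norm = normalize(text)
    hits = [name for name, rx in INDICATORS.items() if rx.search(norm)]
    verdict = "alert" if len(hits) >= 2 else "review" if hits else "clean"
    return verdict, hits

def scan(blocks):
    """Verdict for each script block, in input order."""
    return [classify(b)[0] for b in blocks]

if __name__ == "__main__":
    for block in SAMPLE_BLOCKS:
        verdict, hits = classify(block)
        print(f"{verdict:6} {hits} :: {block[:60]}")
```

A single indicator is only marked for review because the same strings appear in hunting queries and detection content; two or more together raise an alert.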
This section assumed that you have already compromised a Windows operating system on a corporate network. In the next section, we will briefly discuss a common vulnerability that is overlooked by many network administrators in the IT industry: VLAN hopping.