PowerUp

Project URL: https://github.com/HarmJ0y/PowerUp/blob/master/README.md
PowerUp is used for privilege escalation on Windows systems. It contains several modules that identify and abuse vulnerable services (for example DLL hijacking and weak registry settings) and discover possible escalation paths.

Service Enumeration:

Get-ServiceUnquoted             -   returns services with unquoted paths that also have a space in the name
Get-ServiceEXEPerms             -   returns services where the current user can write to the service binary path
Get-ServicePerms                -   returns services the current user can modify


Service Abuse:
Invoke-ServiceUserAdd           -   modifies a modifiable service to create a user and add it to the local administrators
Write-UserAddServiceBinary      -   writes out a patched C# service binary that adds a local administrative user
Write-ServiceEXE                -   replaces a service binary with one that adds a local administrator user
Restore-ServiceEXE              -   restores a replaced service binary with the original executable


DLL Hijacking:
Invoke-FindDLLHijack            -   finds DLL hijacking opportunities for currently running processes
Invoke-FindPathDLLHijack        -   finds service %PATH% .DLL hijacking opportunities


Registry Checks:
Get-RegAlwaysInstallElevated    -   checks if the AlwaysInstallElevated registry key is set
Get-RegAutoLogon                -   checks for Autologon credentials in the registry


Misc. Checks:
Get-UnattendedInstallFiles      -   finds remaining unattended installation files


Helpers:
Invoke-AllChecks                -   runs all current escalation checks and returns a report
Write-UserAddMSI                -   writes out an MSI installer that prompts for a user to be added
Invoke-ServiceStart             -   starts a given service
Invoke-ServiceStop              -   stops a given service
Invoke-ServiceEnable            -   enables a given service
Invoke-ServiceDisable           -   disables a given service
Get-ServiceDetails              -   returns detailed information about a service


Reposted from j4s0nh4ck.iteye.com/blog/2160588