Quick reference
faceless.exe --help # Show help
faceless.exe list # List all processes
faceless.exe list explorer # Filter by name
faceless.exe --system # Auto-escalate to SYSTEM
faceless.exe -p 1234 # Target specific PID
faceless.exe -n winlogon.exe # Target by name
faceless.exe --system -q # Silent mode
Examples
Escalate to SYSTEM:
faceless.exe --system
Execute PowerShell as SYSTEM:
faceless.exe --system -c powershell.exe
Run a custom payload silently:
faceless.exe --system -c "C:\payload.exe" -q
Process enumeration:
faceless.exe list
Expected output:
================================================================================
PID | Process | Owner
================================================================================
668 | winlogon.exe | NT AUTHORITY\SYSTEM
712 | services.exe | NT AUTHORITY\SYSTEM
9180 | explorer.exe | DESKTOP\User
================================================================================
CLI options
| Option | Description |
|---|---|
list [filter] | Enumerate processes (optional name filter) |
-p, --pid <PID> | Target by PID |
-n, --name <name> | Target by name |
--system | Auto-target SYSTEM process |
-c, --cmd <command> | Command to execute (default cmd.exe) |
-q, --quiet | Suppress output |
-h, --help | Show help |
Recommended flow
- Enumerate processes and validate context.
- Select authorized target (PID or name).
- Use quiet mode when appropriate.
Legal note
- Use these options only on systems you own or have written permission to test.