15 years after APT was released for Linux, Microsoft is finally going to ship Windows with a package manager! Windows PowerShell OneGet is the easiest and fastest way to install applications and will be a fundamental part of how Microsoft wants you to administer your enterprise. In this talk we will go over OneGet, Nuget and Chocolatey and observe some of the security problems that will have to be overcome before widespread adoption. We will go over the hundreds of privilege escalation vulnerabilities that were found in the over 1800 unique packages that are already available on the repository server. We will also demo vulnerabilities against one of the package managers and PowerShell itself. Come see how to find third-party privilege escalation bugs at scale with the newest addition to PowerSploit.