For many years I have been using GNU/Linux, both for personal computing as well as system administration of servers. While I do enjoy exploit/privilege escalation on *nix machines, I have a much harder time on Windows since I lack the in-depth system knowledge to do so. I've looked at books about "Windows Pentesting", but most of the time it explains how to use metasploit etc etc, which isn't really the type of knowledge I feel I need.
In order to enumerate a system for privilege escalation (and to a slightly lesser extent for getting a foothold etc...) it seems knowledge of the architecture is required, the way the system has been configured... Does anyone have good books/resources to become more knowledgeable on these? I feel in order to do a good enumeration someone needs to have at least solid basics of the system/app that is being investigated, otherwise it just becomes script kiddie pretty quick.