privilege-escalation

There are 147 repositories under privilege-escalation topic.

PayloadsAllTheThings
swisskyrepo / PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
bounty bugbounty bypass cheatsheet enumeration hacking hacktoberfest methodology payload payloads penetration-testing pentest privilege-escalation redteam security vulnerability web-application
Language:Python 69972
vitalysim / Awesome-Hacking-Resources
A collection of hacking / penetration testing resources to make you better!
buffer-overflow ctf exploit hacking malware mitm owasp penetration-testing privilege-escalation privilege-escalation-linux reverse-engineering windows-privilege-escalation
16291
traitor
liamg / traitor
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
cve-2021-3560 cve-2022-0847 dirtypipe exploit gtfobins hackthebox infosec privesc privilege-escalation redteam-tools security-tools
Language:Go 6999
S1ckB0y1337 / Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
active-directory active-directory-cheatsheet active-directory-exploitation activedirectory attack cheat cheat-sheet cheatsheet enumeration exploitation hacking hacking-cheasheet hacking-tool hacking-tools penetration-testing pentesting privilege-escalation security windows windows-active-directory
6281
xairy / linux-kernel-exploitation
A collection of links related to Linux kernel security and exploitation
exploit kernel-exploitation linux-kernel privilege-escalation security
6135
K8tools
k8gege / K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
exploit 0day poc getshell pentest hacking scanner privilege-escalation bypass crack netscan brute-force password database exp lpe rce
Language:PowerShell 6060
rmusser01 / Infosec_Reference
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
infosec infosec-reference reverse-engineering hacking pentesting penetration-testing references linux privilege-escalation information-security blueteam red-team windows osx forensics hacking-simulator privilege-escalation-exploits hacktoberfest hacktoberfest2021
Language:CSS 5819
cdk-team / CDK
📦 Make security testing of K8s, Docker, and Containerd easier.
blackhat cloud-native cloud-native-security container container-escape container-security docker exploits hacktools hitb k8s k8s-penetration-toolkit kernel-exploitation kubernetes kubernetes-security linux penetration penetration-testing-tools privilege-escalation vulnerabilities
Language:Go 4382
Threekiii / Awesome-Redteam
一个攻防知识库。A knowledge base for red teaming and offensive security.
command-and-control execution exploit initial-access lateral-movement privilege-escalation reconnaissance red-teaming
Language:Python 3959
diego-treitos / linux-smart-enumeration
Linux enumeration tool for pentesting and CTFs with verbosity levels
ctfs hacking hackthebox linux-enumeration oscp pentesting privesc privilege-escalation
Language:Shell 3728
S3cur3Th1sSh1t / WinPwn
Automation for internal Windows Penetrationtest / AD-Security
adsecurity automation exploitation pentest-tool pentesting powershell powersploit privilege-escalation recon redteam
Language:PowerShell 3560
Ignitetechnologies / Privilege-Escalation
This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
oscp oscp-prep oscp-journey ctf ctf-writeups ctf-challenges vulnhub hack hacking privilege-escalation cheatsheet
3474
itm4n / PrivescCheck
Privilege Escalation Enumeration Script for Windows
pentest-tool pentesting privilege-escalation windows windows-privilege-escalation
Language:PowerShell 3455
calebstewart / pwncat
Fancy reverse and bind shell handler
enumeration implant-deployment linux persistance privilege-escalation pty pwncat windows
Language:Python 2809
ohpe / juicy-potato
A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
clsid dcom juicy-potato privilege-escalation rottenpotatong windows
Language:C++ 2651
Integration-IT / Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
active-directory active-directory-cheatsheet active-directory-exploitation penetration-testing hacking hacking-cheasheet windows-active-directory cheatsheet powershell hacking-tools exploitation privilege-escalation enumeration hacking-tool security pentesting infosec windows cheat-sheet
Language:PowerShell 2629
phpsploit
nil0x42 / phpsploit
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
advanced-persistent-threat backdoor blackhat c2 command-and-control hacking hacking-framework hacktool persistence php-backdoor php-webshell php-webshell-backdoor post-exploitation privilege-escalation redteam stealth web-hacking webshell
Language:Python 2387
SUDO_KILLER
TH3xACE / SUDO_KILLER
A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.
sudo-exploitation abuse-sudo ctf exploits cve pentest pentest-tool privilege-escalation sudo linux-exploits misconfiguration oscp oscp-tools oscp-journey oscp-prep
Language:Shell 2360
p0dalirius / Coercer
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
authentication automatic call coerce fuzzing ntlm privilege-escalation rpc
Language:Python 2070
ihebski / A-Red-Teamer-diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
pentesting redteam security-tools exploit active-directory vulnerability penetration-testing tools hacking script lateral-movement meterpreter privilege-escalation crackmapexec mimikatz cybersecurity enumeration engagement metasploit nmap
1811
quentinhardy / odat
ODAT: Oracle Database Attacking Tool
oracle-database pentest pentest-tool privilege-escalation
Language:Python 1698
WADComs / WADComs.github.io
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
exploitation windows redteam blueteam wadcoms cheatsheet commands enumeration persistence privilege-escalation
Language:HTML 1596
xairy / kernel-exploits
My proof-of-concept exploits for the Linux kernel
exploit kernel-exploitation linux-kernel privilege-escalation
Language:C 1498
mufeedvh / moonwalk
Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.
cve exploit exploitation infosec infosectools linux privilege-escalation red-teaming redteam redteam-tools security security-tools
Language:Rust 1466
m0nad / awesome-privilege-escalation
A curated list of awesome privilege escalation
privilege-escalation pentest pentesting ctf oscp awesome awesome-list hack-the-box htb hacking linux-enumeration docker nfs dll-hijacking
1416
deepce
stealthcopter / deepce
Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)
deepce docker-enumeration enumeration exploits container-escape privilege-escalation privilege-escalation-exploits
Language:Shell 1388
metarget
Metarget / metarget
Metarget is a framework providing automatic constructions of vulnerable infrastructures.
cloud-native kubernetes container cloud-native-security kubernetes-security container-security container-escape target vulnerable-infrastructure vulnerabilities vulnerable-scenes vulnerable-infrastructures privilege-escalation kernel-exploitation
Language:Python 1310
nickvourd / Windows-Local-Privilege-Escalation-Cookbook
Windows Local Privilege Escalation Cookbook
cheatsheet local-administration local-privilege-escalation oscp oscp-prep osep privilege-escalation windows osep-prep administrator administrator-privileges cmd microsoft powershell cookbook lpe eop lab misconfiguration lab-automation
Language:PowerShell 1177
ToRat
lu4p / ToRat
ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication
remote-admin-tool tor reverse-shell golang persistence keylogger reverse-shells transport shell-reverse uac-bypass privilege-escalation uacbypass post-exploitation rat windows command-and-control cross-platform payload linux rpc
Language:Go 1005
ihack4falafel / OSCP
Collection of things made during my OSCP journey
bash scripts vbscript c batch-script python exploit buffer-overflow oscp privesc privilege-escalation oscp-journey privilege-escalation-exploits
Language:Python 951
quentinhardy / msdat
MSDAT: Microsoft SQL Database Attacking Tool
mssql-database pentest-tool pentest privilege-escalation
Language:Python 937
BeichenDream / BadPotato
Windows 权限提升 BadPotato
privilege-escalation badpotato potato pipepotato
Language:C# 864
M507 / RamiGPT
Autonomous Privilege Escalation using AI
autonomous-hacking ai-enumeration enumeration hacking-tool hacking-tools hackthebox privilege-escalation pwn pwntools vulnhub
834
Getshell / LinuxTQ
《Linux提权方法论》
privilege-escalation linuxtq 0e0w getshell
788
initstring / dirty_sock
Linux privilege escalation exploit via snapd (CVE-2019-7304)
security linux privilege-escalation
Language:Python 678
Anon-Exploiter / SUID3NUM
A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
python python-3 gtfo-bin auto-exploitation standalone-python-script suid-binaries suid suid3num privilege-escalation exploitation oscp oscp-tools gtfobins gtfo boot2root vulnhub htb pentesting pentest-tools pentest
Language:Python 635