Trending repositories for topic privilege-escalation
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
A collection of hacking / penetration testing resources to make you better!
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Automation for internal Windows Penetrationtest / AD-Security
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke...
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
📦 Make security testing of K8s, Docker, and Containerd easier.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
A collection of hacking / penetration testing resources to make you better!
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Automation for internal Windows Penetrationtest / AD-Security
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke...
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A collection of hacking / penetration testing resources to make you better!
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke...
A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Automation for internal Windows Penetrationtest / AD-Security
Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)
ChainReactor is a research project that leverages AI planning to discover exploitation chains for privilege escalation on Unix systems. The project models the problem as a sequence of actions to achie...
A collection of links related to Linux kernel security and exploitation
This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
Metarget is a framework providing automatic constructions of vulnerable infrastructures.
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
Bypass UAC at any level by abusing the Program Compatibility Assistant with RPC, WDI, and more Windows components
ChainReactor is a research project that leverages AI planning to discover exploitation chains for privilege escalation on Unix systems. The project models the problem as a sequence of actions to achie...
A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.
DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges. This script has been customized from the...
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)
📦 Make security testing of K8s, Docker, and Containerd easier.
Bypass UAC at any level by abusing the Program Compatibility Assistant with RPC, WDI, and more Windows components
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Metarget is a framework providing automatic constructions of vulnerable infrastructures.
Automation for internal Windows Penetrationtest / AD-Security
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
A collection of hacking / penetration testing resources to make you better!
This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke...
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A collection of hacking / penetration testing resources to make you better!
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
Automation for internal Windows Penetrationtest / AD-Security
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke...
A collection of links related to Linux kernel security and exploitation
A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges. This script has been customized from the...
ChainReactor is a research project that leverages AI planning to discover exploitation chains for privilege escalation on Unix systems. The project models the problem as a sequence of actions to achie...
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
Windows Local Privilege Escalation Cookbook
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges ...
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Linux enumeration tool for pentesting and CTFs with verbosity levels
ChainReactor is a research project that leverages AI planning to discover exploitation chains for privilege escalation on Unix systems. The project models the problem as a sequence of actions to achie...
Tools to bypass flawed SELinux policies using the init_module system call
DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges. This script has been customized from the...
All Linux privilege Escalation methods are listed under one MarkDown🦁 i.e Kernel Exploits to Cronjobs
Linux & Android Kernel Vulnerability research and exploitation
¿Quieres empezar en el mundo hacking? En esta revista te enseño a instalar Kali Linux desde cero y a manipular herramientas esenciales en el Hacking Ético.
Collection of script templates to create infinite UAC prompts forcing a user to run as admin ⚠
A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.
Windows Local Privilege Escalation Cookbook
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
Automation for internal Windows Penetrationtest / AD-Security
Modular penetration testing platform that enables you to write, test, and execute exploit code.
This repository contains writeups for various CTFs I've participated in (Including Hack The Box).
A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
Metarget is a framework providing automatic constructions of vulnerable infrastructures.
Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)
DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges. This script has been customized from the...
Offline command line tool that searches for GTFOBins binaries that can be used to bypass local security restrictions in misconfigured systems.
ChainReactor is a research project that leverages AI planning to discover exploitation chains for privilege escalation on Unix systems. The project models the problem as a sequence of actions to achie...
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A collection of hacking / penetration testing resources to make you better!
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Windows Local Privilege Escalation Cookbook
A collection of links related to Linux kernel security and exploitation
Linux enumeration tool for pentesting and CTFs with verbosity levels
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke...
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges. This script has been customized from the...
Automation for internal Windows Penetrationtest / AD-Security
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges. This script has been customized from the...
Linux & Android Kernel Vulnerability research and exploitation
Windows Local Privilege Escalation Cookbook
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
All Linux privilege Escalation methods are listed under one MarkDown🦁 i.e Kernel Exploits to Cronjobs
Notes in preparation for the PNPT (Practical Network Penetration Testing) Certification Exam
Collection of script templates to create infinite UAC prompts forcing a user to run as admin ⚠
¿Quieres empezar en el mundo hacking? En esta revista te enseño a instalar Kali Linux desde cero y a manipular herramientas esenciales en el Hacking Ético.
Tools to bypass flawed SELinux policies using the init_module system call
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Modular penetration testing platform that enables you to write, test, and execute exploit code.
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
Metarget is a framework providing automatic constructions of vulnerable infrastructures.