PrivescCheck
linux-smart-enumeration
PrivescCheck | linux-smart-enumeration | |
---|---|---|
4 | 2 | |
2,630 | 3,205 | |
- | - | |
8.4 | 6.2 | |
2 months ago | 5 months ago | |
PowerShell | Shell | |
BSD 3-clause "New" or "Revised" License | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
PrivescCheck
- Windows scheduled task PE
-
Passed with 90 points (incl report)
You're welcome. This is it https://github.com/itm4n/PrivescCheck
-
Failed again, 2nd attempt..sadpanda
Run https://github.com/itm4n/PrivescCheck => Also dumps cleartext passwords if any are saved, great to run crackmapexec if no hash is available
- I passed with 100 points on second attempt AMA
linux-smart-enumeration
-
I passed with 100 points on second attempt AMA
Linux privesc is a bunch of manual checks from my notes that I have built over time. I also like https://github.com/diego-treitos/linux-smart-enumeration (lse.sh) which is similar to linpeas but the output is less busy.
- diego-treitos/linux-smart-enumeration - Linux enumeration tool for pentesting and CTFs with verbosity levels
What are some alternatives?
OSCP-Priv-Esc - Mind maps / flow charts to help with privilege escalation on the OSCP.
airgeddon - This is a multi-use bash script for Linux systems to audit wireless networks.
Seatbelt - Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
owasp-mastg - The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
PEASS-ng - PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
SUDO_KILLER - A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.
PrintSpoofer - Abusing impersonation privileges through the "Printer Bug"
CapProcess - A simple and useful script for capturing the processes running on a machine and some basic information about the system
pspy - Monitor linux processes without root permissions
pdfcrack - An Advanced tool to Crack Any Password Protected PDF file. A very user friendly script especially for noob hackers.
OSCP-Exercise-Checklist - A checklist to help students track their OSCP exercise progress.
ActiveDirectoryAttackTool - ADAT is a small tool used to assist CTF players and Penetration testers with easy commands to run against an Active Directory Domain Controller. This tool is is best utilized using a set of known credentials against the host.