Our great sponsors
-
Priv2Admin
Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
AutoRecon
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
Seatbelt
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
Adding link to PEAS: https://github.com/carlospolop/PEASS-ng
Other than that it was just practice, hacktricks, payload all the things, https://github.com/gtworek/Priv2Admin, and reading writeups even if I rooted a box to make see if there were other ways that it could have been done. Hopefully that helps!
I used AutoRecon (thanks tibs) and PEAS for both linux and windows privesc. But again, the reason I failed the first time was because I relied to heavily on these tools. I really like the disclaimer on the autorecon github:
Linux privesc is a bunch of manual checks from my notes that I have built over time. I also like https://github.com/diego-treitos/linux-smart-enumeration (lse.sh) which is similar to linpeas but the output is less busy.
I also forgot https://github.com/DominicBreuker/pspy obviously for linux privesc