Stats
carlospolop/privilege-escalation-awesome-scripts-suite is an open source project licensed under MIT License which is an OSI approved license.
Privilege-escalation-awesome-scripts-suite Alternatives
Similar projects and alternatives to privilege-escalation-awesome-scripts-suite based on common topics and language
-
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
-
traitor
Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins :arrow_up: :skull_and_crossbones:
-
Scout APM
Scout APM - Leading-edge performance monitoring starting at $39/month. Scout APM uses tracing logic that ties bottlenecks to source code so you know the exact line of code causing performance issues and can get back to building a great product faster.
-
-
ipban
IPBan Monitors failed logins and bad behavior and bans ip addresses on Windows and Linux. Highly configurable, lean and powerful. Learn more at ↓
-
-
-
Posts
-
Best OSCP resources/cheat sheets/webpages/references Post them here
- https://book.hacktricks.xyz
-
A black-box penetration test (coursework) - please help me
https://book.hacktricks.xyz/ - go through methods listed there for each port
-
Best Learning Material for OSCP?
Best learning material is very subjective, one man's meat is another man's poison, I felt the more practice with lab machines the more experience gained. I recommend when doing lab machines use https://book.hacktricks.xyz/, https://github.com/swisskyrepo/PayloadsAllTheThings, https://gtfobins.github.io/, https://lolbas-project.github.io/# as the base materials, then next thing is learn how to use searchsploit, and use correct keywords to find the things you need from google.
-
Where can I get the list of all possible attacks?
https://book.hacktricks.xyz/ this one is my favorite, there is a page with common attacks / useful commands for every common port.
-
PAM for SSH - /etc/pam.d/sshd
I've recently run the linpeas script, which I've been told should highlight any security issues on my Linux box. Though nothing of significance has shown up, I've seen it's flagged a few auth lines in my /etc/pam.d/sshd file.
- How to do a Checkup on Linux
-
Passed my OSCP; story and hot take below
I used this website for general reading: https://book.hacktricks.xyz/
-
Traitor: Linux privilege escalation made easy
How does this really differ from linpeas (Linpeas Github) or unixprivchecker (unixprivchecker Github)? The readme is saying the script stops if it ever gets root, but what about other vulnerabilities that may exist simultaneously? While no script can do everything, does it account for the different branches SUID / SGID exploits can take ( vi | GTFOBins)?
Seems interesting with the Docker exploit I guess. I would still recommend linpeas: https://github.com/carlospolop/privilege-escalation-awesome-...
Most of these tricks are listed here at GTFOBins: https://gtfobins.github.io/ which is based on LOLBAS for Windows: https://lolbas-project.github.io/#
-
Privilege escalation problem
Check out https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite and the accompanying “book” at https://book.hacktricks.xyz/