The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Top 10 Privesc Open-Source Projects
-
traitor
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
BotPEASS
Use this bot to monitor new CVEs containing defined keywords and send alerts to Slack and/or Telegram.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
LocalAdminSharp
.NET executable to use when dealing with privilege escalation on Windows to gain local administrator access
-
CVE-2023-22809-sudoedit-privesc
A script to automate privilege escalation with CVE-2023-22809 vulnerability
-
sqli-postgres-rce-privesc-hacking-playground
Application with SQL Injection vulnerability and possible privilege escalation. Free vulnerable app for ethical hacking / penetration testing training.
Once on a system, something like Linpeas or Winpeas would be useful: https://github.com/carlospolop/PEASS-ng
Project mention: Traitor – Automatic Linux privesc via exploitation of low-hanging fruits | news.ycombinator.com | 2023-06-12
* https://github.com/DominicBreuker/pspy
When you deploy them they just work. Compare that to compiled C++ code you often face issues with the deployment in my experience. And production machines usually do not ship compilers.
Privesc related posts
- Traitor – Automatic Linux privesc via exploitation of low-hanging fruits
- Need help getting rid of malware "perfcc / perfctl"
- LinPEAS
- Tips to improve speed during CTFs
- I passed with 100 points on second attempt AMA
- Exploiting
- GitHub - carlospolop/PurplePanda: Identify privilege escalation paths within and across different clouds
-
A note from our sponsor - WorkOS
workos.com | 19 Apr 2024
Index
What are some of the best open-source Privesc projects? This list will help you:
Project | Stars | |
---|---|---|
1 | PEASS-ng | 14,831 |
2 | traitor | 6,488 |
3 | pspy | 4,510 |
4 | linux-smart-enumeration | 3,184 |
5 | PurplePanda | 626 |
6 | PowerShell-Red-Team | 456 |
7 | BotPEASS | 202 |
8 | LocalAdminSharp | 146 |
9 | CVE-2023-22809-sudoedit-privesc | 130 |
10 | sqli-postgres-rce-privesc-hacking-playground | 71 |