Top 10 Privesc Open-Source Projects

PEASS-ng

90 14,831 8.5 C#

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Project mention: Great enumeration scripts? | /r/oscp | 2023-06-02

Once on a system, something like Linpeas or Winpeas would be useful: https://github.com/carlospolop/PEASS-ng

traitor

17 6,488 0.0 Go

:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Project mention: Traitor – Automatic Linux privesc via exploitation of low-hanging fruits | news.ycombinator.com | 2023-06-12

InfluxDB

www.influxdata.com sponsored

Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
pspy

8 4,510 0.0 Go

Monitor linux processes without root permissions

Project mention: Ask HN: What's the big deal with Go (Golang)? | news.ycombinator.com | 2023-10-12

* https://github.com/DominicBreuker/pspy
When you deploy them they just work. Compare that to compiled C++ code you often face issues with the deployment in my experience. And production machines usually do not ship compilers.

linux-smart-enumeration

2 3,184 6.2 Shell

Linux enumeration tool for pentesting and CTFs with verbosity levels
PurplePanda

2 626 6.3 Python

Identify privilege escalation paths within and across different clouds
PowerShell-Red-Team

1 456 4.1 PowerShell

Collection of PowerShell functions a Red Teamer may use in an engagement
BotPEASS

1 202 4.9 Python

Use this bot to monitor new CVEs containing defined keywords and send alerts to Slack and/or Telegram.
WorkOS

workos.com sponsored

The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
LocalAdminSharp

1 146 0.0 C#

.NET executable to use when dealing with privilege escalation on Windows to gain local administrator access
CVE-2023-22809-sudoedit-privesc

1 130 10.0 Shell

A script to automate privilege escalation with CVE-2023-22809 vulnerability
sqli-postgres-rce-privesc-hacking-playground

1 71 0.0 PHP

Application with SQL Injection vulnerability and possible privilege escalation. Free vulnerable app for ethical hacking / penetration testing training.

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2023-10-12.

Privesc related posts

Traitor – Automatic Linux privesc via exploitation of low-hanging fruits
1 project | news.ycombinator.com | 12 Jun 2023
Need help getting rid of malware "perfcc / perfctl"
1 project | /r/debian | 4 Apr 2023
LinPEAS
2 projects | news.ycombinator.com | 13 Mar 2023
Tips to improve speed during CTFs
2 projects | dev.to | 26 Jul 2022
I passed with 100 points on second attempt AMA
11 projects | /r/oscp | 14 Jun 2022
Exploiting
1 project | /r/openSUSE | 5 Apr 2022
GitHub - carlospolop/PurplePanda: Identify privilege escalation paths within and across different clouds
1 project | /r/bag_o_news | 3 Feb 2022
A note from our sponsor - WorkOS
workos.com | 19 Apr 2024

The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →

Index

What are some of the best open-source Privesc projects? This list will help you:

	Project	Stars
1	PEASS-ng	14,831
2	traitor	6,488
3	pspy	4,510
4	linux-smart-enumeration	3,184
5	PurplePanda	626
6	PowerShell-Red-Team	456
7	BotPEASS	202
8	LocalAdminSharp	146
9	CVE-2023-22809-sudoedit-privesc	130
10	sqli-postgres-rce-privesc-hacking-playground	71