The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Top 23 privilege-escalation Open-Source Projects
-
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Also https://github.com/swisskyrepo/PayloadsAllTheThings I'm sure there's a few test php files in here for filter bypasses too
-
Awesome-Hacking-Resources
A collection of hacking / penetration testing resources to make you better!
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
traitor
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
Project mention: Traitor – Automatic Linux privesc via exploitation of low-hanging fruits | news.ycombinator.com | 2023-06-12 -
Infosec_Reference
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
-
-
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
-
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
-
-
-
We're using pwncat-cs to listen for incoming connections and elevate to a shell. Log into the EC2 VM and run:
-
juicy-potato
A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
-
SUDO_KILLER
A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.
-
A-Red-Teamer-diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
-
-
Coercer
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
-
moonwalk
Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. (by mufeedvh)
-
-
-
-
SUID3NUM
A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
-
GTFONow
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
-
Lucifer
A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
privilege-escalation related posts
- Take the first steps to harden your Kubernetes cluster
- Traitor – Automatic Linux privesc via exploitation of low-hanging fruits
- Windows scheduled task PE
- Pwncat usage on the exam
- Specific user being targeted by scammers? + possible network breach? looking for advice..
- A list of hacking / penetration testing resources to make you better
- Awesome Hacking Resources
-
A note from our sponsor - WorkOS
workos.com | 28 Mar 2024
Index
What are some of the best open-source privilege-escalation projects? This list will help you:
Project | Stars | |
---|---|---|
1 | PayloadsAllTheThings | 56,138 |
2 | Awesome-Hacking-Resources | 14,565 |
3 | traitor | 6,474 |
4 | Infosec_Reference | 5,328 |
5 | linux-kernel-exploitation | 5,254 |
6 | Active-Directory-Exploitation-Cheat-Sheet | 4,901 |
7 | CDK | 3,581 |
8 | WinPwn | 3,146 |
9 | linux-smart-enumeration | 3,145 |
10 | PrivescCheck | 2,559 |
11 | pwncat | 2,349 |
12 | juicy-potato | 2,246 |
13 | SUDO_KILLER | 2,077 |
14 | A-Red-Teamer-diaries | 1,651 |
15 | odat | 1,538 |
16 | Coercer | 1,522 |
17 | moonwalk | 1,258 |
18 | awesome-privilege-escalation | 1,092 |
19 | deepce | 1,084 |
20 | msdat | 799 |
21 | SUID3NUM | 577 |
22 | GTFONow | 479 |
23 | Lucifer | 335 |