privilege-escalation

Open-source projects categorized as privilege-escalation

Top 23 privilege-escalation Open-Source Projects

  • PayloadsAllTheThings

    A list of useful payloads and bypass for Web Application Security and Pentest/CTF

    Project mention: php shell not executed in wordpress | /r/hacking | 2023-12-08

    Also https://github.com/swisskyrepo/PayloadsAllTheThings I'm sure there's a few test php files in here for filter bypasses too

  • Awesome-Hacking-Resources

    A collection of hacking / penetration testing resources to make you better!

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  • traitor

    :arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

    Project mention: Traitor – Automatic Linux privesc via exploitation of low-hanging fruits | news.ycombinator.com | 2023-06-12
  • Infosec_Reference

    An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

  • linux-kernel-exploitation

    A collection of links related to Linux kernel security and exploitation

  • Active-Directory-Exploitation-Cheat-Sheet

    A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

  • CDK

    📦 Make security testing of K8s, Docker, and Containerd easier.

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  • WinPwn

    Automation for internal Windows Penetrationtest / AD-Security

  • linux-smart-enumeration

    Linux enumeration tool for pentesting and CTFs with verbosity levels

  • PrivescCheck

    Privilege Escalation Enumeration Script for Windows

    Project mention: Windows scheduled task PE | /r/oscp | 2023-04-27
  • pwncat

    Fancy reverse and bind shell handler

    Project mention: Take the first steps to harden your Kubernetes cluster | dev.to | 2023-09-09

    We're using pwncat-cs to listen for incoming connections and elevate to a shell. Log into the EC2 VM and run:

  • juicy-potato

    A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.

  • SUDO_KILLER

    A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.

  • A-Red-Teamer-diaries

    RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

  • odat

    ODAT: Oracle Database Attacking Tool

  • Coercer

    A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.

  • moonwalk

    Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. (by mufeedvh)

  • awesome-privilege-escalation

    A curated list of awesome privilege escalation

  • deepce

    Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)

    Project mention: How to Escape a Container | news.ycombinator.com | 2023-12-20

    Useful: https://github.com/stealthcopter/deepce

  • msdat

    MSDAT: Microsoft SQL Database Attacking Tool

  • SUID3NUM

    A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

  • GTFONow

    Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.

  • Lucifer

    A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2023-12-20.

privilege-escalation related posts

Index

What are some of the best open-source privilege-escalation projects? This list will help you:

Project Stars
1 PayloadsAllTheThings 56,138
2 Awesome-Hacking-Resources 14,565
3 traitor 6,474
4 Infosec_Reference 5,328
5 linux-kernel-exploitation 5,254
6 Active-Directory-Exploitation-Cheat-Sheet 4,901
7 CDK 3,581
8 WinPwn 3,146
9 linux-smart-enumeration 3,145
10 PrivescCheck 2,559
11 pwncat 2,349
12 juicy-potato 2,246
13 SUDO_KILLER 2,077
14 A-Red-Teamer-diaries 1,651
15 odat 1,538
16 Coercer 1,522
17 moonwalk 1,258
18 awesome-privilege-escalation 1,092
19 deepce 1,084
20 msdat 799
21 SUID3NUM 577
22 GTFONow 479
23 Lucifer 335
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com