Top 61 privilege-escalation open source projects

This tool is used to map out the network data flow to help penetration testers identify potentially valuable targets.

CVE-2020-0796 Local Privilege Escalation POC

Local Privilege Escalation

DLL Hijacking Detection Tool

Linux Privilege Escalation Tool By WazeHell

This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.

A collection of hacking / penetration testing resources to make you better!

Linux enumeration tool for pentesting and CTFs with verbosity levels

Python library and client for token manipulations and impersonations for privilege escalation on Windows

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Weaponizing for Arbitrary Files/Directories Delete bugs to Get NT AUTHORITY\SYSTEM

Automation for internal Windows Penetrationtest / AD-Security

A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

My proof-of-concept exploits for the Linux kernel

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

Privilege Escalation Enumeration Script for Windows

ODAT: Oracle Database Attacking Tool

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Collection of things made during my OSCP journey

MSDAT: Microsoft SQL Database Attacking Tool

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Linux privilege escalation exploit via snapd (CVE-2019-7304)

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.

A Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.

ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication

A curated list of awesome privilege escalation

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

Windows 权限提升 BadPotato

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

A collection of links related to Linux kernel security and exploitation

A curated list of awesome Windows frameworks, libraries, software and resources for Red Teams

⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket

Linux privilege escalation checks (systemd, dbus, socket fun, etc)

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Search for Unix binaries that can be exploited to bypass system security restrictions.

This tool will quickly search for exploitable binaries with SUID bit set in Linux and will output the method of exploitation from GTFObins

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

Create file system symbolic links from low privileged user accounts within PowerShell

The goal is to provide an easy to use API to escalate privileges on Linux, Windows and Mac OS

Terribad PrivEsc enumeration script for Windows systems

Python AV Evasion Tools

Collection of different exploits

Bypass UAC at any level by abusing the Task Scheduler and environment variables

Linux kernel development & exploitation lab.

Simple DLL that add a user to the local Administrators group

Suggests programs to run against services found during the enumeration phase of a Pentest

A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life

ARCHIVED: Use 'peh' instead

Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler

UAC Bypass for windows

Bypass UAC by abusing the Internet Explorer Add-on installer

Brahma - Privilege elevation exploit for Nintendo 3DS

Execute PowerShell commands as Administrator in Windows 10 "like sudo"