LeprechaunThis tool is used to map out the network data flow to help penetration testers identify potentially valuable targets.
YodoLocal Privilege Escalation
DllspyDLL Hijacking Detection Tool
Pe LinuxLinux Privilege Escalation Tool By WazeHell
Privilege EscalationThis cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
Mida MultitoolBash script purposed for system enumeration, vulnerability identification and privilege escalation.
ProtonProton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.
PytmipePython library and client for token manipulations and impersonations for privilege escalation on Windows
Delete2systemWeaponizing for Arbitrary Files/Directories Delete bugs to Get NT AUTHORITY\SYSTEM
WinpwnAutomation for internal Windows Penetrationtest / AD-Security
Juicy PotatoA sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
PhpsploitFull-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
GtfonowAutomatic privilege escalation for misconfigured capabilities, sudo and suid binaries
Sudo killerA tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
PrivesccheckPrivilege Escalation Enumeration Script for Windows
OdatODAT: Oracle Database Attacking Tool
OscpCollection of things made during my OSCP journey
MsdatMSDAT: Microsoft SQL Database Attacking Tool
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Dirty sockLinux privilege escalation exploit via snapd (CVE-2019-7304)
Wadcoms.github.ioWADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.
0xsp Mongoosea unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.
RoothelperA Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.
ToratToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Suid3numA standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
Traitor⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket
UptuxLinux privilege escalation checks (systemd, dbus, socket fun, etc)
WriteupsThis repository contains writeups for various CTFs I've participated in (Including Hack The Box).
gtfoSearch for Unix binaries that can be exploited to bypass system security restrictions.
suiderThis tool will quickly search for exploitable binaries with SUID bit set in Linux and will output the method of exploitation from GTFObins
moonwalkCover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚
SharpLinkCreate file system symbolic links from low privileged user accounts within PowerShell
go-escalateThe goal is to provide an easy to use API to escalate privileges on Linux, Windows and Mac OS
ClippyTerribad PrivEsc enumeration script for Windows systems
exploitCollection of different exploits
byeintegrity5-uacBypass UAC at any level by abusing the Task Scheduler and environment variables
adduser-dllSimple DLL that add a user to the local Administrators group
LuciferA Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life
wpeARCHIVED: Use 'peh' instead
byeintegrity3-uacBypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler
BrahmaBrahma - Privilege elevation exploit for Nintendo 3DS
PSeudoExecute PowerShell commands as Administrator in Windows 10 "like sudo"