GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → Frissi0n → Gtfonow

Frissi0n / Gtfonow

Licence: mit
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

Programming Languages

python
139335 projects - #7 most used programming language

Labels

linuxpentestingunixctfpost-exploitationbypassprivilege-escalationsudo

Projects that are alternatives of or similar to Gtfonow

Awesome Privilege Escalation
A curated list of awesome privilege escalation
Stars: ✭ 413 (+507.35%)
Mutual labels:  pentesting, ctf, privilege-escalation
Oscp Pentest Methodologies
备考 OSCP 的各种干货资料/渗透测试干货资料
Stars: ✭ 166 (+144.12%)
Mutual labels:  pentesting, ctf, post-exploitation
Gtfobins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Stars: ✭ 6,030 (+8767.65%)
Mutual labels:  unix, post-exploitation, bypass
gtfo
Search for Unix binaries that can be exploited to bypass system security restrictions.
Stars: ✭ 88 (+29.41%)
Mutual labels:  post-exploitation, bypass, privilege-escalation
Pentesting toolkit
🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️
Stars: ✭ 1,268 (+1764.71%)
Mutual labels:  pentesting, ctf, post-exploitation
Sudo killer
A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
Stars: ✭ 1,073 (+1477.94%)
Mutual labels:  ctf, privilege-escalation, sudo
Covertutils
A framework for Backdoor development!
Stars: ✭ 424 (+523.53%)
Mutual labels:  pentesting, post-exploitation
Information collection handbook
Handbook of information collection for penetration testing and src
Stars: ✭ 447 (+557.35%)
Mutual labels:  pentesting, bypass
Juice Shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+9120.59%)
Mutual labels:  pentesting, ctf
Payloadsallthethings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+48295.59%)
Mutual labels:  bypass, privilege-escalation
Stegcracker
Steganography brute-force utility to uncover hidden data inside files
Stars: ✭ 396 (+482.35%)
Mutual labels:  pentesting, ctf
Stowaway
👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (+635.29%)
Mutual labels:  pentesting, ctf
Platypus
🔨 A modern multiple reverse shell sessions manager wrote in go
Stars: ✭ 559 (+722.06%)
Mutual labels:  pentesting, ctf
Torat
ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication
Stars: ✭ 415 (+510.29%)
Mutual labels:  post-exploitation, privilege-escalation
Sifter
Sifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+492.65%)
Mutual labels:  pentesting, post-exploitation
Security Tools
Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+648.53%)
Mutual labels:  pentesting, ctf
Ciphey
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Stars: ✭ 9,116 (+13305.88%)
Mutual labels:  pentesting, ctf
Pupy
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Stars: ✭ 6,737 (+9807.35%)
Mutual labels:  pentesting, post-exploitation
Active Directory Exploitation Cheat Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Stars: ✭ 870 (+1179.41%)
Mutual labels:  pentesting, privilege-escalation
Infosec reference
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+6020.59%)
Mutual labels:  pentesting, privilege-escalation
View All Similar Projects ➔

GTFONow

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries.

Features

  • Automatically escalate privileges using misconfigured sudo permissions.
  • Automatically escalate privileges using misconfigured suid permissions.
  • Automatically escalated privileges using misconfigured capabilities.
  • Supports Python 2 and 3.
  • No third party libraries required.
  • Support sudo PASSWD and NOPASSWD escalation, automatically attempts to enumerate sudo binaries for when password is not known and sudo -l is not accessible.

Usage Examples

Default Mode - Scan All

asciicast

Capability Escalation

asciicast

Sudo Escalation and Verbose Mode

asciicast

Todo

  • Parse sudo -l for less noisy sudo privilege escalations.
  • Add more types of capability escalation.

Credits

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].