All Projects → NullArray → Roothelper

NullArray / Roothelper

Licence: gpl-3.0
A Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.

Programming Languages

shell
77523 projects
bash
514 projects
shellscript
22 projects

Projects that are alternatives of or similar to Roothelper

Mida Multitool
Bash script purposed for system enumeration, vulnerability identification and privilege escalation.
Stars: ✭ 144 (-65.38%)
Mutual labels:  enumeration, privilege-escalation, root
Wadcoms.github.io
WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.
Stars: ✭ 431 (+3.61%)
Mutual labels:  enumeration, privilege-escalation
A Red Teamer Diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (-8.17%)
Mutual labels:  enumeration, privilege-escalation
Active Directory Exploitation Cheat Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Stars: ✭ 870 (+109.13%)
Mutual labels:  enumeration, privilege-escalation
Sudo killer
A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
Stars: ✭ 1,073 (+157.93%)
Mutual labels:  exploits, privilege-escalation
Payloadsallthethings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+7810.82%)
Mutual labels:  enumeration, privilege-escalation
Kernelpop
kernel privilege escalation enumeration and exploitation framework
Stars: ✭ 628 (+50.96%)
Mutual labels:  enumeration, exploits
Active Directory Exploitation Cheat Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Stars: ✭ 1,392 (+234.62%)
Mutual labels:  enumeration, privilege-escalation
reosploit
A Tool that Finds, Enumerates, and Exploits Reolink Cameras.
Stars: ✭ 89 (-78.61%)
Mutual labels:  enumeration, exploits
Lucifer
A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life
Stars: ✭ 302 (-27.4%)
Mutual labels:  enumeration, privilege-escalation
Clippy
Terribad PrivEsc enumeration script for Windows systems
Stars: ✭ 15 (-96.39%)
Mutual labels:  enumeration, privilege-escalation
exploit
Collection of different exploits
Stars: ✭ 153 (-63.22%)
Mutual labels:  exploits, privilege-escalation
Writeups
This repository contains writeups for various CTFs I've participated in (Including Hack The Box).
Stars: ✭ 61 (-85.34%)
Mutual labels:  enumeration, privilege-escalation
Gtfo
Search gtfobins and lolbas files from your terminal
Stars: ✭ 336 (-19.23%)
Mutual labels:  enumeration
Infosec reference
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+900.48%)
Mutual labels:  privilege-escalation
Celerystalk
An asynchronous enumeration & vulnerability scanner. Run all the tools on all the hosts.
Stars: ✭ 333 (-19.95%)
Mutual labels:  enumeration
Webanalyze
Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
Stars: ✭ 311 (-25.24%)
Mutual labels:  enumeration
Aiodnsbrute
Python 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (-11.06%)
Mutual labels:  enumeration
Api
Vulners Python API wrapper
Stars: ✭ 313 (-24.76%)
Mutual labels:  exploits
Uproot3
ROOT I/O in pure Python and NumPy.
Stars: ✭ 312 (-25%)
Mutual labels:  root

RootHelper

Roothelper will aid in the process of privilege escalation on a Linux system that has been compromised. The latest version totals eleven scripts. From enumeration to exploit suggestion to exploit deployment. RootHelper ensures you have access to the best tools for the job.

The credits for the scripts it fetches go to their original authors.

Update

Latest update has added a brand new Helper script. Details below.

RootHelper now supports command line arguments/flags.

The -q or --quiet flag supresses the usage print function on execution. Therefore you can now simply pass -q and be taken directly to the menu.

The -f or --fast flag immediately starts the execution of the script's download option. If time is of the essence the -f flag will hurry things along.

Latest Helper Scripts

The latest addition to the scripts available through RootHelper is rootend.py. It's a python3 implementation that automates enumeration and privilege escalation operations.

RedGhost Is from now on available with RootHelper, it's a Linux post-exploitation framework and payload generator.

Linux Smart Enumeration Is available with RootHelper. It's a tool based on LinEnum but with a heavy focus on the privilege escalation aspect that enumeration tools provide.

SBD or Static Binary Deployer has been added to the tools available for download with RootHelper. For details on this utility find my repo here

Auto-Root-Exploit Is now available through RootHelper.

BashArk; a post-exploitation tool. Is now available for download with RootHelper.

A new version of Linux Exploit Suggester has been released. It is an updated version based on the old one by PenturaLabs. The author of this tool and all others available through RootHelper are accredited for their excellent work below.

Priv-Esc scripts

LinEnum

Shellscript that enumerates the system configuration.

Linux Smart Enumeration

LinEnum fork with a heavy focus on privilege escalation.

unix-privesc-check 

Shellscript that enumerates the system configuration and runs some privilege escalation checks as well.

linuxprivchecker

A python implementation to suggest exploits particular to the system that's been compromised.

Linux_Exploit_Suggester

A perl script that that does the same as the one mentioned above.

SBD

SBD Makes it possible to deploy static binaries of common (and less common) Linux utilities that might otherwise be unavailable.

Auto-Root-Exploit

Auto-Root-Exploit is a shell script that downloads and executes all known publically available exploits from Exploit-DB for the system and kernel version you specify via the tool's command-line arguments.

BashArk

BashArk is post exploitation tool written in Bash.

Firmwalker

Shellscript that gathers useful information by searching the mounted firmware filesystem. For things such as SSL and web server related files, config files, passwords, common binaries and more.

RedGhost

Linux post exploitation framework designed to assist in persistence, reconnaissance, privilege escalation and leaving no trace.

rootend

Rootend automates enumeration and privilege escalation operations by targetting a wide range of potential exploitation catagories. It does so by looking for SUID bit enabled binaries. Weak permissions on security critical components, finding PHP Configuration files and much more.

Usage

To use the script you will need to get it on the system you've compromised with utilities such as git or wget depending on what is available to you on that particular system. From there you need to make it executable with chmod +x roothelper.sh After which run it and it will show you the options available and an informational message regarding the options. For clarity i have posted it below as well.

The 'Help' option displays this informational message.

The 'Download' option fetches the relevant files and places them in the /tmp/ directory.

The option 'Download and unzip' downloads all files and extracts the contents of zip archives to their individual subdirectories respectively, please
note; if the 'mkdir' command is unavailable however, the operation will not succeed and the 'Download' option should be used instead

The 'Clean up' option removes all downloaded files and 'Quit' exits roothelper.

Acknowledgements

Special thanks to DiegoTreitos for his efforts in optimizing RootHelper's source code.

Credits for scripts RootHelper fetches go to their original authors.

rootend by nickvourd and Maldevel from TwelveSec.

RedGhost by d4rk007

linux-smart-enumeration by DiegoTreitos

LinEnum by RebootUser

Firmwalker by Craigz28

Auto-Root-Exploit by nilotpalbiswas

BashArk by TheSecondSun

Linux Priv Checker by SecuritySift

Linux Exploit Suggester by Jondonas

Unix Priv-Esc Check by Pentestmonkey

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].