initstring / Uptux

License: MIT
Linux privilege escalation checks (systemd, dbus, socket fun, etc)

Programming Languages

python

Projects that are alternatives of or similar to Uptux

Infosec reference
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+1500.77%)
Mutual labels:  hacking, pentesting, privilege-escalation
Active Directory Exploitation Cheat Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Stars: ✭ 870 (+234.62%)
Mutual labels:  hacking, pentesting, privilege-escalation
A Red Teamer Diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+46.92%)
Mutual labels:  hacking, pentesting, privilege-escalation
Active Directory Exploitation Cheat Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Stars: ✭ 1,392 (+435.38%)
Mutual labels:  hacking, pentesting, privilege-escalation
Awesome Privilege Escalation
A curated list of awesome privilege escalation
Stars: ✭ 413 (+58.85%)
Mutual labels:  hacking, pentesting, privilege-escalation
Linux Smart Enumeration
Linux enumeration tool for pentesting and CTFs with verbosity levels
Stars: ✭ 1,956 (+652.31%)
Mutual labels:  hacking, pentesting, privilege-escalation
Webmap
A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing
Stars: ✭ 188 (-27.69%)
Mutual labels:  hacking, pentesting
Getjs
A tool to fastly get all javascript sources/files
Stars: ✭ 190 (-26.92%)
Mutual labels:  hacking, pentesting
Mosint
An automated e-mail OSINT tool
Stars: ✭ 184 (-29.23%)
Mutual labels:  hacking, pentesting
Evil Ssdp
Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.
Stars: ✭ 204 (-21.54%)
Mutual labels:  hacking, pentesting
Hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
Stars: ✭ 3,741 (+1338.85%)
Mutual labels:  hacking, pentesting
Fdsploit
File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-23.46%)
Mutual labels:  hacking, pentesting
Lyncsmash
locate and attack Lync/Skype for Business
Stars: ✭ 258 (-0.77%)
Mutual labels:  hacking, pentesting
Awesome Shodan Queries
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻
Stars: ✭ 2,758 (+960.77%)
Mutual labels:  hacking, pentesting
Crithit
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-30%)
Mutual labels:  hacking, pentesting
Hrshell
HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (-25.77%)
Mutual labels:  hacking, pentesting
Hack Tools
The all-in-one Red Team extension for Web Pentester 🛠
Stars: ✭ 2,750 (+957.69%)
Mutual labels:  hacking, pentesting
Hawkeye
Hawkeye filesystem analysis tool
Stars: ✭ 202 (-22.31%)
Mutual labels:  hacking, pentesting
Capsulecorp Pentest
Vagrant VirtualBox environment for conducting an internal network penetration test
Stars: ✭ 214 (-17.69%)
Mutual labels:  hacking, pentesting
Onelistforall
Rockyou for web fuzzing
Stars: ✭ 213 (-18.08%)
Mutual labels:  hacking, pentesting

uptux

Specialized privilege escalation checks for Linux systems.

Implemented so far:

  • Writable systemd paths, services, timers, and socket units
  • Disassembles systemd unit files looking for:
    • References to executables that are writable
    • References to broken symlinks pointing to writable directories
    • Relative path statements
    • Unix socket files that are writable (sneaky APIs)
  • Writable D-Bus paths
  • Overly permissive D-Bus service settings
  • HTTP APIs running as root and responding on file-bound unix domain sockets

These checks are based on things I encounter during my own research, and this tool is certainly not inclusive of everything you should be looking at. Don't skip the classics!
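
For administrators who want to see what the unit-file checks in the list above look like in practice, here is a small audit sketch. It is an added example, not code from uptux; the function names are hypothetical, and it assumes "writable" means the file mode grants write access to group or other, which is a simplification. The unit file and scripts are constructed in a temporary directory.

```python
import os
import re
import stat
import tempfile

# Command directives only (ExecStart, ExecStartPre, ExecStop, ExecReload, ...).
EXEC_RE = re.compile(r"^\s*(Exec(?:Start|Stop|Reload|Condition)\w*)\s*=\s*(.*)$")

def exec_targets(unit_text):
    """Yield (directive, program) for each Exec* line in a unit file."""
    for line in unit_text.splitlines():
        m = EXEC_RE.match(line)
        if not m or not m.group(2).strip():
            continue
        # Drop systemd's special executable prefixes (@ - : + !) before the path.
        program = m.group(2).split()[0].lstrip("@-:+!")
        yield m.group(1), program

def loosely_writable(path):
    """True if the file mode grants write access to group or other."""
    return bool(os.stat(path).st_mode & (stat.S_IWGRP | stat.S_IWOTH))

def audit_unit(unit_text):
    """Return sorted (directive, program, finding) tuples for one unit file."""
    findings = []
    for directive, program in exec_targets(unit_text):
        if not os.path.isabs(program):
            findings.append((directive, program, "relative path"))
        elif not os.path.exists(program):  # also true for a broken symlink
            findings.append((directive, program, "target missing"))
        elif loosely_writable(program):
            findings.append((directive, program, "group/world-writable"))
    return sorted(findings)

def demo():
    """Build a constructed unit file in a temp dir and audit it."""
    with tempfile.TemporaryDirectory() as d:
        good, bad = os.path.join(d, "good.sh"), os.path.join(d, "bad.sh")
        for path, mode in ((good, 0o755), (bad, 0o777)):
            with open(path, "w") as fh:
                fh.write("#!/bin/sh\n")
            os.chmod(path, mode)
        unit = (f"[Service]\nExecStartPre=-{bad} --prep\n"
                f"ExecStart={good}\nExecStop=cleanup.sh now\n"
                f"ExecReload={d}/gone.sh\n")
        return [(k, os.path.basename(p), why) for k, p, why in audit_unit(unit)]

if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

Each finding points at a unit that should reference an absolute path to a root-owned executable with mode 0755 or tighter.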

Usage

All functionality is contained in a single file, because installing packages in restricted shells is a pain. Python2 compatibility will be maintained for those crap old boxes we get stuck with. However, as the checks are really aimed at more modern user-space stuff, it is unlikely to uncover anything interesting on an old box anyway.

There is nothing to install, just grab the script and run it.

usage: uptux.py [-h] [-n] [-d]

PrivEsc for modern Linux systems, by initstring (github.com/initstring)

optional arguments:
  -h, --help       show this help message and exit
  -n, --nologging  do not write the output to a logfile
  -d, --debug      print some extra debugging info to the console

Testing

For testing purposes, you can run the tests/r00tme.sh script, which will create many vulnerable configuration issues on your system that uptux can identify. Running tests/unr00tme.sh will undo these changes, but don't hold me to it. Needless to say, this is dangerous.

Use a VM for testing this way.
