#Privilege-escalation

Showing 60 of 68 repositories tagged #privilege-escalation, ranked by stars

swisskyrepo
swisskyrepo
PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Score
100
★ 79.0k ⑂ 17.2k +72/day
Python
vitalysim
vitalysim
Awesome-Hacking-Resources

A collection of hacking / penetration testing resources to make you better!

Score
100
★ 17.2k ⑂ 2.2k +29/day
liamg
liamg
traitor

:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Score
50
★ 7.1k ⑂ 703
Go
S1ckB0y1337
S1ckB0y1337
Active-Directory-Exploitation-Cheat-Sheet

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Score
96
★ 6.7k ⑂ 1.3k +5/day
xairy
xairy
linux-kernel-exploitation

A collection of links related to Linux kernel security and exploitation

Score
98
★ 6.5k ⑂ 1.1k +8/day
k8gege
k8gege
K8tools

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

Score
85
★ 6.2k ⑂ 2.1k +5/day
PowerShell
rmusser01
rmusser01
Infosec_Reference

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Score
91
★ 6.0k ⑂ 1.2k +2/day
CSS
cdk-team
cdk-team
CDK

📦 Make security testing of K8s, Docker, and Containerd easier.

Score
100
★ 4.7k ⑂ 604 +3/day
Go
diego-treitos
diego-treitos
linux-smart-enumeration

Linux enumeration tool for pentesting and CTFs with verbosity levels

Score
94
★ 3.9k ⑂ 604 +5/day
Shell
S3cur3Th1sSh1t
S3cur3Th1sSh1t
WinPwn

Automation for internal Windows Penetrationtest / AD-Security

Score
100
★ 3.7k ⑂ 536 +1/day
PowerShell
Ignitetechnologies
Ignitetechnologies
Privilege-Escalation

This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.

Score
93
★ 3.6k ⑂ 645
Integration-IT
Integration-IT
Active-Directory-Exploitation-Cheat-Sheet

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Score
76
★ 2.7k ⑂ 518 +2/day
PowerShell
nil0x42
nil0x42
phpsploit

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

Score
72
★ 2.5k ⑂ 470 +2/day
Python
TH3xACE
TH3xACE
SUDO_KILLER

A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.

Score
89
★ 2.5k ⑂ 264
Shell
ihebski
ihebski
A-Red-Teamer-diaries

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Score
81
★ 1.9k ⑂ 315
m0nad
m0nad
awesome-privilege-escalation

A curated list of awesome privilege escalation

Score
87
★ 1.6k ⑂ 174
mufeedvh
mufeedvh
moonwalk

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.

Score
67
★ 1.5k ⑂ 134 +2/day
Rust
Metarget
Metarget
metarget

Metarget is a framework providing automatic constructions of vulnerable infrastructures.

Score
0
★ 1.4k ⑂ 202 +1/day
Python
quentinhardy
quentinhardy
msdat

MSDAT: Microsoft SQL Database Attacking Tool

Score
0
★ 1.0k ⑂ 146 +2/day
Python
ihack4falafel
ihack4falafel
OSCP

Collection of things made during my OSCP journey

Score
33
★ 956 ⑂ 462
Python
initstring
initstring
dirty_sock

Linux privilege escalation exploit via snapd (CVE-2019-7304)

Score
65
★ 683 ⑂ 146
Python
Frissi0n
Frissi0n
GTFONow

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.

Score
83
★ 636 ⑂ 74
Python
pr0v3rbs
pr0v3rbs
CVE-2025-32463_chwoot

Escalation of Privilege to the root through sudo binary with chroot option. CVE-2025-32463

Score
100
★ 527 ⑂ 96
Shell
ADScanPro
ADScanPro
adscan

Active Directory pentesting tool for Linux. Automated Kerberoasting, AS-REP Roasting, ADCS/ESC exploitation, DCSync, BloodHound integration, and 40+ AD attack paths. ENS Alto / NIS2 / ISO 27001 compliance reports. No Windows required.

Score
80
★ 474 ⑂ 50 +4/day
Python
ARCANGEL0
ARCANGEL0
EVA

EVA is an AI-assisted penetration testing agent that enhances offensive security workflows by providing structured attack guidance, contextual analysis, and multi-backend AI integration.

Score
67
★ 425 ⑂ 80 +7/day
Python
ghostvectoracademy
ghostvectoracademy
DLLHijackHunter

Automated DLL Hijacking Discovery, Validation, and Confirmation. Turning local misconfigurations into weaponized, confirmed attack paths.

Score
78
★ 393 ⑂ 45 +1/day
C#
Skiller9090
Skiller9090
Lucifer

A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life

Score
54
★ 378 ⑂ 84 +1/day
Python
initstring
initstring
uptux

Linux privilege escalation checks (systemd, dbus, socket fun, etc)

Score
48
★ 300 ⑂ 38
Python
portbuster1337
portbuster1337
lpe-toolkit

Multi-architecture Linux privilege escalation toolkit with 19 pre-built and runtime-compilable exploits. Auto-detects kernel version, filters patched exploits, tries each until root.

Score
74
★ 284 ⑂ 42 +182/day
C
kosty-cloud
kosty-cloud
kosty

Scan 30+ AWS services. Find cost waste. Detect security gaps. Map your attack surface. One command.

Score
50
★ 270 ⑂ 24
Python
yuawn
yuawn
Linux-Kernel-Exploitation

Linux kernel module implementation & exploitation (pwn) labs.

Score
39
★ 214 ⑂ 21
C
safebuffer
safebuffer
PE-Linux

Linux Privilege Escalation Tool

Score
43
★ 187 ⑂ 55
Shell
am0nsec
am0nsec
exploit

Collection of different exploits

Score
41
★ 184 ⑂ 48
Python
evyatar9
evyatar9
Writeups

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Score
57
★ 155 ⑂ 16
HTML
momenbasel
momenbasel
htb-writeups

The most comprehensive Hack The Box writeup collection - 500+ machines, 400+ challenges, interactive knowledge graph, skill trees, attack path diagrams, ProLabs, Sherlocks, OSCP/CPTS/CRTO prep. Browse: momenbasel.github.io/htb-writeups

Score
70
★ 153 ⑂ 35 +8/day
HTML
NeCr00
NeCr00
Credential-Hunting

CredsHunter - Credential Hunting scripts for Windows and Linux OS

Score
69
★ 151 ⑂ 26 +4/day
PowerShell
chainski
chainski
ForceAdmin

Collection of script templates to create infinite UAC prompts forcing a user to run as admin ⚠

Score
61
★ 119 ⑂ 19
AutoIt
0xedward
0xedward
awesome-infosec

A curated list of awesome infosec blog posts, courses, books and more!

Score
33
★ 107 ⑂ 23
PaloAltoNetworks
PaloAltoNetworks
IAM-Deescalate

IAM-Deescalate helps mitigate privilege escalation risk in AWS identity and access management (IAM)

Score
30
★ 98 ⑂ 6
Python
0hardik1
0hardik1
kubesplaining

Kubernetes security assessment CLI: RBAC, pod-escape, and privilege-escalation path analysis. Cloudsplaining for Kubernetes.

Score
0
★ 81 ⑂ 7
Go
7RU7H
7RU7H
Archive

Hacking Methodology, Cheatsheats, Conceptual-Breakdowns

Score
63
★ 78 ⑂ 16
Shell
R3LI4NT
R3LI4NT
road-to-hacking

¿Quieres empezar en el mundo hacking? En esta revista te enseño a instalar Kali Linux desde cero y a manipular herramientas esenciales en el Hacking Ético.

Score
20
★ 74 ⑂ 4
Division-36
Division-36
Z-Jail

A lightweight, multi-layer Linux sandbox combining namespaces, pivot_root, seccomp-bpf, capability dropping, and an evidence-based verdict engine (Truthimatics Public Version) for secure, auditable code execution.

Score
59
★ 70 ⑂ 12
C
ethanolivertroy
ethanolivertroy
PNPT

Notes in preparation for the PNPT (Practical Network Penetration Testing) Certification Exam

Score
22
★ 65 ⑂ 16
Python
SeanPesce
SeanPesce
SELinux-Kernel-Module-Bypass

Tools to bypass flawed SELinux policies using the init_module system call

Score
17
★ 61 ⑂ 9
C
jwardsmith
jwardsmith
Active-Directory-Exploitation

This cheatsheet contains Active Directory (AD) exploitation techniques, showcasing methods used to identify and abuse misconfigurations or weaknesses within AD environments.

Score
28
★ 61 ⑂ 21
ucsb-seclab
ucsb-seclab
chainreactor

ChainReactor is a research project that leverages AI planning to discover exploitation chains for privilege escalation on Unix systems. The project models the problem as a sequence of actions to achieve privilege escalation from initial access to a target system.

Score
0
★ 61 ⑂ 1
PDDL
AIex-3
AIex-3
confluence-hack

CVE-2023-22515

Score
15
★ 52 ⑂ 7
Java
lucthienphong1120
lucthienphong1120
AIO-Pentesting

All in one Pentest methodologies - Tools and commands | Where compiled all common materials for pentester

Score
24
★ 46 ⑂ 14 +2/day
PHP
h4rithd
h4rithd
PrecompiledBinaries

Curated precompiled Windows and Linux binaries for authorized pentesting, red teaming, Active Directory testing, privilege escalation labs, and post-exploitation research.

Score
56
★ 41 ⑂ 15 +2/day
PowerShell
halilibrahimd27
halilibrahimd27
cheat-sheet

Interactive offensive security cheat sheet — 4500+ pentest commands across 50 categories with instant search, full CRUD, write-ups, favorites and variable fill-bar. OSCP/OSWE/OSEP/CPTS/CKS/CKA/DCA exam prep ready. Docker deployable.

Score
52
★ 38 ⑂ 4
JavaScript
uttambodara
uttambodara
Awesome-Hacking-Learning-Path

A comprehensive hacking learning path covering Pentesting, OSINT, Linux, Networking, Web Application Security, Cryptography, Exploitation, Reverse Engineering, Forensics, CVEs, and CTF challenges. Perfect for beginners and professionals to master ethical hacking, penetration testing, and cybersecurity step by step. 🚀

Score
50
★ 29 ⑂ 6 +1/day
thehackersbrain
thehackersbrain
certificate-of-compromise

SoK/Whitepaper on Offensive Operations against Active Directory Certificate Service

Score
44
★ 27 ⑂ 3 +2/day
Mdot0
Mdot0
Pentesting-Methodology

When it comes to exploiting web application security, this is a methodology. Enumeration and Networking guidelines are also listed to help while on a Pentest/CTF.

Score
31
★ 26 ⑂ 6
thieveshkar
thieveshkar
Offensive-Security-Forensics-Portfolio

A portfolio demonstrating advanced blue and red team skills, including: SSH MFA implementation, Volatility-based memory forensics to detect code injection, Splunk threat hunting (BOTS v3), Wireshark C2 analysis, and kernel exploitation walkthroughs (LinPEAS, VulnHub).

Score
19
★ 21 ⑂ 3
TheBotlyNoob
TheBotlyNoob
Rust-Privesc

privilege escalation POCs built in Rust.

Score
0
★ 20 ⑂ 1
Rust
joshuaruppe
joshuaruppe
winprivesc

Windows batch script for system enumeration and spotting privilege-escalation routes. Stock cmd.exe only: no PowerShell, no wmic, no external tools.

Score
46
★ 18 ⑂ 8
Batchfile
Fricciolosa-Red-Team
Fricciolosa-Red-Team
mobile-heavy-artillery

🔥Ready, Aim, Fire.🔥

Score
11
★ 18 ⑂ 7
Shell
Ha-L0
Ha-L0
suidPWN

Speeding up identifying which binaries with a SUID flag may lead to root access

Score
7
★ 16 ⑂ 4
Python
n3rada
n3rada
toboggan

Turn any RCE primitive into a semi-interactive shell with forward shell (mkfifo) and post-exploitation actions.

Score
35
★ 16 ⑂ 2
Python
Related Topics
#hacking#pentesting#penetration-testing#security#linux#ctf#exploit#security-tools#enumeration#pentest#windows#active-directory

© 2026 GitRepoTrend · GitHub repositories by topic · Updated weekly