Git Product home page Git Product logo

linux-privilege-escalation-resources's Introduction

Linux-Privilege-Escalation-Resources

Compilation of Resources for TCM's Linux Privilege Escalation course

General Links

TCM Website: https://www.thecybermentor.com/

TCM-Sec: https://tcm-sec.com/

Course: https://www.udemy.com/course/linux-privilege-escalation-for-beginners/

Twitch: https://www.twitch.tv/thecybermentor

Twitter: https://twitter.com/thecybermentor

YouTube: https://www.youtube.com/c/thecybermentor

TryHackMe: https://tryhackme.com/

LinuxPrivEscArena: https://tryhackme.com/room/linuxprivescarena

Introduction

Basic Linux Priv Esc: https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/

Linux Priv Esc PayloadAllTheThings: https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Linux%20-%20Privilege%20Escalation.md

Linux Priv Esc Checklist: https://book.hacktricks.xyz/linux-unix/linux-privilege-escalation-checklist

Sushant 747's Guide: https://sushant747.gitbooks.io/total-oscp-guide/privilege_escalation_-_linux.html

Exploring Automated Tools

LinPEAS: https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/linPEAS

LinEnum: https://github.com/rebootuser/LinEnum

Linux exploit suggester: https://github.com/mzet-/linux-exploit-suggester

LinuxPrivChecker: https://github.com/sleventyeleven/linuxprivchecker

Escalation Path: Kernel Exploits

Kernel Exploits: https://github.com/lucyoa/kernel-exploits

Escalation Path: Sudo

GTFOBins: https://gtfobins.github.io/

LinuxPrivEscPlayground: https://tryhackme.com/room/privescplayground

wget example: https://veteransec.com/2018/09/29/hack-the-box-sunday-walkthrough/

dirsearch: https://github.com/maurosoria/dirsearch

CMS Made Simple ExploitDB: https://www.exploit-db.com/exploits/46635

CVE-2019-14287 ExploitDB: https://www.exploit-db.com/exploits/46635

CVE-2019-18634 GitHub: https://github.com/saleemrashid/sudo-cve-2019-18634

Escalation Path: Other SUID Escalation

Nginx Exploit: http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html

Escalation Path: Capabilities

Priv Esc using Capabilities: https://www.hackingarticles.in/linux-privilege-escalation-using-capabilities/

SUID vs. Capabilities: https://mn3m.info/posts/suid-vs-capabilities/

Capabilites Priv Esc w/ OpennSLL and Selinux enabled and enforced: https://medium.com/@int0x33/day-44-linux-capabilities-privilege-escalation-via-openssl-with-selinux-enabled-and-enforced-74d2bec02099

linux-privilege-escalation-resources's People

Contributors

gr1mmie avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.