Privilege Escalation
Browse 86 privilege escalation tools
FEATURED
Exposure validation platform combining BAS and attack path validation (CART)
Identity threat detection and response platform for hybrid environments
Detects & blocks identity-based threats in real-time across hybrid environments
BloodHound is a Javascript web application that uses graph theory to analyze Active Directory and Azure environments, revealing hidden relationships and potential attack paths through visual mapping.
A security assessment tool that identifies AWS IAM permissions by systematically testing API calls to determine the actual scope of access granted to specific credentials.
Script to find exploits for vulnerable software packages on Linux systems using an exploit database.
A Linux privilege escalation auditing tool that identifies potential kernel vulnerabilities and suggests applicable exploits based on system analysis.
A Golang-based container security scanner that identifies potential vulnerabilities and misconfigurations in container environments by checking namespacing, capabilities, security profiles, and host device mounts.
CloudCopy implements a cloud version of the Shadow Copy attack to extract domain user hashes from AWS-hosted domain controllers by creating and mounting volume snapshots.
An educational cheatsheet that provides privilege escalation fundamentals and examples for CTF players and cybersecurity beginners.
A script to enumerate Google Storage buckets and determine access and privilege escalation
A tool for privilege escalation within Linux environments by targeting vulnerabilities in SUDO usage.
Pacu is an open-source AWS exploitation framework designed for offensive security testing against cloud environments through modular attack capabilities.
A list of Windows privilege escalation techniques, categorized and explained in detail.
A local privilege escalation vulnerability in the Linux kernel known for its catchy name and potential damages.
A collection of precompiled Windows exploits for privilege escalation.
A Linux exploit suggestion tool that identifies potential privilege escalation vulnerabilities by analyzing kernel versions and matching them against a database of known exploits.
A Linux-based environment for penetration testing and vulnerability exploitation
A Python script that performs security testing attacks against AWS Cognito services including account creation, user enumeration, and privilege escalation vulnerabilities.
A honeytoken-based tripwire for Microsoft's Active Directory to detect privilege escalation attempts
A guide on basic Linux privilege escalation techniques including enumeration, data analysis, exploit customization, and trial and error.
PowerUp aims to be a clearinghouse of common Windows privilege escalation vectors that rely on misconfigurations.
AzureGoat is a deliberately vulnerable Azure cloud infrastructure that incorporates OWASP Top 10 vulnerabilities and Azure service misconfigurations for security training and penetration testing practice.
