A collection of Windows, Linux and MySQL privilege escalation scripts and exploits. For pre-compiled local linux exploits, check out https://www.kernel-exploits.com.
https://crowdshield.comTags | exploits privesc sql mysql hacking pentesting bugbounty |
Implementation | C |
License | Public |
Platform |
Unix-privesc-checker is a script that runs on Unix systems (tested on Solaris 9, HPUX 11, Various Linuxes, FreeBSD 6.2). It tries to find misconfigurations that could allow local unprivileged users to escalate privileges to other users or to access local apps (e.g. databases). It is written as a single shell script so it can be easily uploaded and run (as opposed to un-tarred, compiled and installed). It can run either as a normal user or as root (obviously it does a better job when running as root because it can read more files).
pspy is a command line tool designed to snoop on processes without need for root permissions. It allows you to see commands run by other users, cron jobs, etc. as they execute. Great for enumeration of Linux systems in CTFs. Also great to demonstrate your colleagues why passing secrets as arguments on the command line is a bad idea. The tool gathers it's info from procfs scans. Inotify watchers placed on selected parts of the file system trigger these scans to catch short-lived processes.
ctf pentesting privesc enumerationWindows-privesc-check is standalone executable that runs on Windows systems. It tries to find misconfigurations that could allow local unprivileged users to escalate privileges to other users or to access local apps (e.g. databases). It is written in python and converted to an executable using pyinstaller so it can be easily uploaded and run (as opposed to unzipping python + other dependencies). It can run either as a normal user or as Administrator (obviously it does a better job when running as Administrator because it can read more files).
Traitor packages up a bunch of methods to exploit local misconfigurations and vulnerabilities (including most of GTFOBins) in order to pop a root shell. It'll exploit most sudo privileges listed in GTFOBins to pop a root shell, as well as exploiting issues like a writable docker.sock, or the recent polkit CVE-2021-3560. More routes to root will be added over time too.
exploit infosec privilege-escalation security-tools privesc hackthebox gtfobins redteam-tools cve-2021-3560Automatically launch google hacking queries against a target domain to find vulnerabilities and enumerate a target. This software is free to distribute, modify and use with the condition that credit is provided to the creator (1N3@CrowdShield) and is not for commercial use.
osint google hacking queries ghdb pentesting pentest automatedCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
hacking bugbounty whitepapers webappsec pentesting itsecurityQuickly analyze and reverse engineer Android applications. This software is free to distribute, modify and use with the condition that credit is provided to the creator (1N3@CrowdShield) and is not for commercial use.
android apk reverse-engineering hacking mobile decompile analyze pentest pentesting smaliNoSQLMap is an open source Python tool designed to audit for as well as automate injection attacks and exploit default configuration weaknesses in NoSQL databases and web applications using NoSQL in order to disclose or clone data from the database. Originally authored by @tcsstool and now maintained by @codingo_ NoSQLMap is named as a tribute to Bernardo Damele and Miroslav's Stampar's popular SQL injection tool sqlmap. Its concepts are based on and extensions of Ming Chow's excellent presentation at Defcon 21, "Abusing NoSQL Databases".
nosql nosql-databases penetration-testing scanner security-audit security-tools security-toolset offensive-security enumeration databases mongodb couchdb web-application-security bugbounty redis mongodb-database sql-injection hacking hacking-tool hacktoberfestAn Information Security Reference That Doesn't Suck
infosec infosec-reference reverse-engineering hacking pentesting penetration-testing references privilege-escalation exfiltration information-security blueteam red-team osx forensics hacking-simulator privilege-escalation-exploits mitre-attack-dbThis section offers a selection of our fully featured security and hacking tools. We also provide some exploits, proof of concept code, shellcodes and snippets. That means some tools are not tested and may not have the feature set. If you find some bugs or if you have any questions, ideas or criticism regarding to this section, feel free to message us.
hacking shellcode exploitsI'm developing Habu to teach (and learn) some concepts about Python and Network Hacking. These are basic functions that help with some tasks for Ethical Hacking and Penetration Testing.
network-analysis networking scapy python3 security-tools hacking penetration-testing pentesting pentest pentest-tool pentesting-networks security-audit security-testingFindsploit is a simple bash script to quickly and easily search both local and online exploit databases. This repository also includes "copysploit" to copy any exploit-db exploit to the current directory and "compilesploit" to automatically compile and run any C exploit (ie. ./copysploit 1337.c && ./compilesploit 1337.c). This software is free to distribute, modify and use with the condition that credit is provided to the creator (1N3@CrowdShield) and is not for commercial use.
exploits metasploit nmap pentest hackers exploitdb find searchThis repository includes thousands of cybersecurity-related references and resources and it is maintained by Omar Santos. This GitHub repository has been created to provide supplemental material to several books, video courses, and live training created by Omar Santos and other co-authors. It provides over 6,000 references, scripts, tools, code, and other resources that help offensive and defensive security professionals learn and develop new skills. This GitHub repository provides guidance on how build your own hacking environment, learn about offensive security (ethical hacking) techniques, vulnerability research, exploit development, reverse engineering, malware analysis, threat intelligence, threat hunting, digital forensics and incident response (DFIR), includes examples of real-life penetration testing reports, and more. These courses serve as comprehensive guide for any network and security professional who is starting a career in ethical hacking and penetration testing. It also can help individuals preparing for the Offensive Security Certified Professional (OSCP), the Certified Ethical Hacker (CEH), CompTIA PenTest+ and any other ethical hacking certification. This course helps any cyber security professional that want to learn the skills required to becoming a professional ethical hacker or that want to learn more about general hacking methodologies and concepts.
hacking penetration-testing hacking-series video-course cybersecurity ethical-hacking ethicalhacking hacker exploit exploits exploit-development vulnerability vulnerability-scanners vulnerability-assessment vulnerability-management vulnerability-identification awesome-lists awesome-list training hackersOften during the penetration test engagement the security analyst faces the problem of identifying privilege escalation attack vectors on tested Linux machine(s). One of viable attack vectors is using publicly known Linux exploit to gain root privileges on tested machine. Of course in order to do that the analyst needs to identify the right PoC exploit, make sure that his target is affected by the associated vulnerability and finally modify the exploit to suit his target. The linux-exploit-suggester.sh tool is designed to help with these activities. In this mode the analyst simply provides kernel version (--kernel switch) or uname -a command output (--uname switch) and receives list of candidate exploits for a given kernel version.
exploits privilege-escalation-exploits kernel-exploitation applicable-exploits security-tools hacking-tool linux-exploitsA collection of Burpsuite Intruder payloads and fuzz lists and pentesting methodology. To pull down all 3rd party repos, run install.sh in the same directory of the IntruderPayloads folder. This software is free to distribute, modify and use with the condition that credit is provided to the creator (1N3@CrowdShield) and is not for commercial use.
burpsuite intruder payloads fuzz-lists fuzzing fuzzA curated list of free Security and Pentesting related E-Books available on the Internet. If you want to contribute to this list (please do), send a pull request. All contributors will be recognized and appreciated.
security hacking penetration-testing hacking-ebooks forensics hackers-handbook cloud-security kali-linux cyber-security ebooksOne-Lin3r is simple and light-weight framework inspired by the web-delivery module in Metasploit. The payloads database is not big now because this the first edition but it will get bigger with updates and contributions.
hacking hacking-tool web-delivery metasploit one-liners one-liner pentest-tool pentesting-windows penetration-testing web-based-attacks web-attacks kali-linux windows-hacking multiplatformCloakifyFactory & the Cloakify Toolset - Data Exfiltration & Infiltration In Plain Sight; Evade DLP/MLS Devices; Social Engineering of Analysts; Defeat Data Whitelisting Controls; Evade AV Detection. Text-based steganography using lists. Convert any file type (e.g. executables, Office, Zip, images) into a list of everyday strings. Very simple tools, powerful concept, limited only by your imagination. For a quick start on CloakifyFactory, see the cleverly titled file "README_GETTING_STARTED.txt" in the project for a walkthrough.
cipher data-exfiltration hacking pentesting exfiltration steganography cryptography dlp av-evasion privacy security security-tools infosec red-team pentest pentest-tool hacking-tool hacking-tools pentest-tools stegoThe DumpsterFire Toolset is a modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Turn paper tabletop exercises into controlled "live fire" range events. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts. The toolset is designed to be dynamically extensible, allowing you to create your own Fires (event modules) to add to the included collection of toolset Fires. Just write your own Fire module and drop it into the FireModules directory. The DumpsterFire toolset will auto-detect your custom Fires at startup and make them available for use.
pentesting hacking hacking-tool pentest-tool automation security security-tools infosec pentest red-team blue-team red-teams blue-teams pentest-tools hacking-toolsA virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages. First presented at SecTalks BNE in September 2017 (slidedeck). Dependencies will then be installed and VHostScan will be added to your path. If there is an issue regarding running python3 setup.py build_ext, you will need to reinstall numpy using pip uninstall numpy and pip install numpy==1.12.0. This should resolve the issue as there are sometimes issues with numpy being installed through setup.py.
security-audit penetration-testing penetration-test virtual-hosts web-application-security discovery-service hacking hacking-tool virtual-host vhost vhosts security-tools security hackthebox oscp ctf-tools offensive-security bugbounty reverse-lookups scanner
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.