Displaying 1 to 5 from 5 results

traitor - Automatic Linux privesc via exploitation of low-hanging fruit e

  •    Go

Traitor packages up a bunch of methods to exploit local misconfigurations and vulnerabilities (including most of GTFOBins) in order to pop a root shell. It'll exploit most sudo privileges listed in GTFOBins to pop a root shell, as well as exploiting issues like a writable docker.sock, or the recent polkit CVE-2021-3560. More routes to root will be added over time too.

PrivEsc - A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

  •    C

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits. For pre-compiled local linux exploits, check out https://www.kernel-exploits.com.

pspy - Monitor linux processes without root permissions

  •    Go

pspy is a command line tool designed to snoop on processes without need for root permissions. It allows you to see commands run by other users, cron jobs, etc. as they execute. Great for enumeration of Linux systems in CTFs. Also great to demonstrate your colleagues why passing secrets as arguments on the command line is a bad idea. The tool gathers it's info from procfs scans. Inotify watchers placed on selected parts of the file system trigger these scans to catch short-lived processes.

CVE-2018-1000001 - glibc getcwd() local privilege escalation compiled binaries

  •    C

Attention: All rights to the exploit writer. I have just compiled and organized a repository for this CVE. Then you're probably vulnerable.




GTFOBLookup - Offline command line lookup utility for GTFOBins (https://github

  •    Python

Offline command line lookup utility for GTFOBins and LOLBAS. Whilst GTFOBLookup will run in Python2.7, some features require Python3.






We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.