A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A collection of hacking / penetration testing resources to make you better!
⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
A collection of links related to Linux kernel security and exploitation
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
📦 Make security testing of K8s, Docker, and Containerd easier.
一个攻防知识库。A knowledge base for red teaming and offensive security.
Copy Fail (CVE-2026-31431): 9-year-old Linux kernel LPE found by Theori's Xint Code
Linux enumeration tool for pentesting and CTFs with verbosity levels
Privilege Escalation Enumeration Script for Windows
Automation for internal Windows Penetrationtest / AD-Security
This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
Fancy reverse and bind shell handler
A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
Add a description, image, and links to the privilege-escalation topic page so that developers can more easily learn about it.
To associate your repository with the privilege-escalation topic, visit your repo's landing page and select "manage topics."