Shell script that runs on UNIX systems (tested on Solaris 9, HPUX 11, various Linux distributions, FreeBSD 6.2). It detects misconfigurations that could allow local unprivileged user to escalate to other users (e.g. root) or to access local apps (e.g. databases). This is a collaborative rework of version 1.0
☆86Sep 26, 2016Updated 9 years ago
Alternatives and similar repositories for unix-privesc-check
Users that are interested in unix-privesc-check are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Working Rsh Client With Bind/Reverse Shell☆19Sep 15, 2015Updated 10 years ago
- a CMD shell in masm that listens on port 8080☆12Dec 19, 2020Updated 5 years ago
- Simple web app for displaying cowrie data in your browser☆12Jun 2, 2016Updated 10 years ago
- rev-door is a small backdoor with only ONE line of PHP code, which takes command from POST data and execute it on server side. It is like…☆26May 12, 2016Updated 10 years ago
- This is a SOAP service written in C# that has intentional SQL injection vulnerabilties.☆21Nov 27, 2016Updated 9 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Resources for: "Playing games with an attacker: how I messed with someone trying to breach the CryptoWall tracker"☆24Mar 30, 2016Updated 10 years ago
- Basic app to practice modsec bypass☆22May 12, 2016Updated 10 years ago
- Cross-site request forgery Learning Platform☆21Sep 13, 2014Updated 11 years ago
- Simple but effective word list transmutation command-line app. Feed it words, and mangle them into new variations quickly and easily!☆33May 5, 2016Updated 10 years ago
- PFI (Port Forwarding Interceptor)☆46Jan 29, 2026Updated 4 months ago
- Capture passwords of login attempts on non-existent and disabled accounts.☆38Aug 17, 2022Updated 3 years ago
- Automatically exported from code.google.com/p/unix-security-file-parser☆34Dec 21, 2015Updated 10 years ago
- MoneyX is an intentionally vulnerable JSP application used for training developers in application security concepts.☆31May 10, 2016Updated 10 years ago
- Python script to inject and run shellcodes through TLS callbacks☆49Jun 22, 2015Updated 10 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Holepuncher, A wrapper script to open ports in iptables and start a listener.☆33Feb 26, 2016Updated 10 years ago
- Yet another AV evasion tool☆117Jan 3, 2022Updated 4 years ago
- Spray SMB with hashes, Then psexec☆32Jul 3, 2019Updated 6 years ago
- A CTF VM that fights back☆19Apr 4, 2012Updated 14 years ago
- Client/Server scripts to transfer files over DNS. Client scripts are small and only use native tools on the host OS.☆208Jan 24, 2016Updated 10 years ago
- A C# web handler that is vulnerable to XXE with PoC. This is to serve as an example of what vulnerable C# code looks like.☆26Aug 10, 2013Updated 12 years ago
- Check for valid credentials across a network over SMB☆268Jan 5, 2024Updated 2 years ago
- Application Security Vulnerability Periodic Table☆14Aug 25, 2014Updated 11 years ago
- For when Plan A fails☆13Jan 24, 2012Updated 14 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Reverse to use in a batfile which can call the ip and ports from itself☆25Dec 19, 2020Updated 5 years ago
- ☆17Oct 5, 2014Updated 11 years ago
- A tool for the persistent XSS exploitation with a focus for mobile web browsers☆55May 8, 2021Updated 5 years ago
- Local UNIX PrivEsc Aggregation☆242Apr 9, 2016Updated 10 years ago
- Transmissions over time based covert channels across a network. Modifies the time intervals between packets to transmit data.☆23Jun 26, 2022Updated 3 years ago
- ☆27Jul 18, 2017Updated 8 years ago
- Learn the very basics of different languages☆50Apr 11, 2025Updated last year
- Repository aimed to compile scripts and tools that can be used during penetration tests to assess the security of different flash related…��☆10Jan 5, 2015Updated 11 years ago
- Vulnerable Linux socket game for educational purposes☆22Apr 22, 2017Updated 9 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Tools for encrypting and decrypting things using Cisco's type 7 encryption.☆15Jan 11, 2013Updated 13 years ago
- Vulnerable Grails application☆43Jun 12, 2015Updated 10 years ago
- "HeaderScan" Burp Plugin☆16Apr 26, 2014Updated 12 years ago
- Pivoter is a proxy tool for pentesters to have easier lateral movement.☆145Aug 9, 2015Updated 10 years ago
- A Burp Suite extension that checks if a particular URL responds differently to various User-Agent headers☆15Sep 4, 2014Updated 11 years ago
- libpcap based ICMP encrypted backdoor for linux.☆131Mar 26, 2021Updated 5 years ago
- Simple reverse ICMP shell☆1,614Apr 6, 2018Updated 8 years ago