Shell script that runs on UNIX systems (tested on Solaris 9, HPUX 11, various Linux distributions, FreeBSD 6.2). It detects misconfigurations that could allow local unprivileged user to escalate to other users (e.g. root) or to access local apps (e.g. databases). This is a collaborative rework of version 1.0
☆87Sep 26, 2016Updated 9 years ago
Alternatives and similar repositories for unix-privesc-check
Users that are interested in unix-privesc-check are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Working Rsh Client With Bind/Reverse Shell☆19Sep 15, 2015Updated 10 years ago
- a CMD shell in masm that listens on port 8080☆12Dec 19, 2020Updated 5 years ago
- Simple web app for displaying cowrie data in your browser☆12Jun 2, 2016Updated 9 years ago
- rev-door is a small backdoor with only ONE line of PHP code, which takes command from POST data and execute it on server side. It is like…☆26May 12, 2016Updated 9 years ago
- This is a SOAP service written in C# that has intentional SQL injection vulnerabilties.☆21Nov 27, 2016Updated 9 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Resources for: "Playing games with an attacker: how I messed with someone trying to breach the CryptoWall tracker"☆24Mar 30, 2016Updated 10 years ago
- Basic app to practice modsec bypass☆22May 12, 2016Updated 9 years ago
- Cross-site request forgery Learning Platform☆21Sep 13, 2014Updated 11 years ago
- Simple but effective word list transmutation command-line app. Feed it words, and mangle them into new variations quickly and easily!☆33May 5, 2016Updated 9 years ago
- PFI (Port Forwarding Interceptor)☆46Jan 29, 2026Updated 2 months ago
- Capture passwords of login attempts on non-existent and disabled accounts.☆38Aug 17, 2022Updated 3 years ago
- Automatically exported from code.google.com/p/unix-security-file-parser☆34Dec 21, 2015Updated 10 years ago
- MoneyX is an intentionally vulnerable JSP application used for training developers in application security concepts.☆31May 10, 2016Updated 9 years ago
- Python script to inject and run shellcodes through TLS callbacks☆49Jun 22, 2015Updated 10 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Holepuncher, A wrapper script to open ports in iptables and start a listener.☆33Feb 26, 2016Updated 10 years ago
- Yet another AV evasion tool☆117Jan 3, 2022Updated 4 years ago
- Spray SMB with hashes, Then psexec☆32Jul 3, 2019Updated 6 years ago
- A CTF VM that fights back☆19Apr 4, 2012Updated 14 years ago
- Client/Server scripts to transfer files over DNS. Client scripts are small and only use native tools on the host OS.☆208Jan 24, 2016Updated 10 years ago
- A C# web handler that is vulnerable to XXE with PoC. This is to serve as an example of what vulnerable C# code looks like.☆26Aug 10, 2013Updated 12 years ago
- Check for valid credentials across a network over SMB☆268Jan 5, 2024Updated 2 years ago
- Application Security Vulnerability Periodic Table☆14Aug 25, 2014Updated 11 years ago
- For when Plan A fails☆13Jan 24, 2012Updated 14 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Reverse to use in a batfile which can call the ip and ports from itself☆25Dec 19, 2020Updated 5 years ago
- ☆17Oct 5, 2014Updated 11 years ago
- A tool for the persistent XSS exploitation with a focus for mobile web browsers☆55May 8, 2021Updated 4 years ago
- Local UNIX PrivEsc Aggregation☆243Apr 9, 2016Updated 9 years ago
- Transmissions over time based covert channels across a network. Modifies the time intervals between packets to transmit data.☆22Jun 26, 2022Updated 3 years ago
- ☆27Jul 18, 2017Updated 8 years ago
- Learn the very basics of different languages☆49Apr 11, 2025Updated 11 months ago
- Repository aimed to compile scripts and tools that can be used during penetration tests to assess the security of different flash related…☆10Jan 5, 2015Updated 11 years ago
- Vulnerable Linux socket game for educational purposes☆22Apr 22, 2017Updated 8 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Tools for encrypting and decrypting things using Cisco's type 7 encryption.☆15Jan 11, 2013Updated 13 years ago
- Vulnerable Grails application☆43Jun 12, 2015Updated 10 years ago
- "HeaderScan" Burp Plugin☆16Apr 26, 2014Updated 11 years ago
- Pivoter is a proxy tool for pentesters to have easier lateral movement.☆144Aug 9, 2015Updated 10 years ago
- A Burp Suite extension that checks if a particular URL responds differently to various User-Agent headers☆15Sep 4, 2014Updated 11 years ago
- libpcap based ICMP encrypted backdoor for linux.☆132Mar 26, 2021Updated 5 years ago
- Simple reverse ICMP shell☆1,617Apr 6, 2018Updated 8 years ago