ly4k/PwnKit external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

ly4k/PwnKit

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ly4k/PwnKit)

Close

ly4k / PwnKitView on GitHubMore

• External links
• Readme badge

Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation

☆1,310Jun 21, 2022Updated 3 years ago

Alternatives and similar repositories for PwnKit

Users that are interested in PwnKit are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• arthepsy / CVE-2021-4034

  View on GitHub
  PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)
  ☆1,155May 4, 2023Updated 3 years ago
• berdav / CVE-2021-4034

  View on GitHub
  CVE-2021-4034 1day
  ☆2,041Jun 8, 2022Updated 4 years ago
• BeichenDream / GodPotato

  View on GitHub
  ☆2,291Nov 24, 2023Updated 2 years ago
• ly4k / SpoolFool

  View on GitHub
  Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)
  ☆795Feb 9, 2022Updated 4 years ago
• ly4k / Certipy

  View on GitHub
  Tool for Active Directory Certificate Services enumeration and abuse
  ☆3,544Jun 4, 2026Updated last week
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• itm4n / PrintSpoofer

  View on GitHub
  Abusing impersonation privileges through the "Printer Bug"
  ☆2,253Sep 10, 2020Updated 5 years ago
• antonioCoco / RunasCs

  View on GitHub
  RunasCs - Csharp and open version of windows builtin runas.exe
  ☆1,394Jul 12, 2024Updated last year
• cube0x0 / noPac

  View on GitHub
  CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
  ☆1,401Dec 16, 2021Updated 4 years ago
• topotam / PetitPotam

  View on GitHub
  PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
  ☆2,237Aug 15, 2024Updated last year
• CCob / SweetPotato

  View on GitHub
  Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019
  ☆1,822Sep 4, 2024Updated last year
• antonioCoco / RoguePotato

  View on GitHub
  Another Windows Local Privilege Escalation from Service Account to System
  ☆1,169Jan 9, 2021Updated 5 years ago
• GhostPack / Rubeus

  View on GitHub
  Trying to tame the three-headed dog.
  ☆5,033May 21, 2026Updated 3 weeks ago
• DominicBreuker / pspy

  View on GitHub
  Monitor linux processes without root permissions
  ☆6,049Mar 1, 2026Updated 3 months ago
• itm4n / PrivescCheck

  View on GitHub
  Privilege Escalation Enumeration Script for Windows
  ☆3,850Apr 29, 2026Updated last month
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• Greenwolf / ntlm_theft

  View on GitHub
  A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)
  ☆1,418Sep 22, 2025Updated 8 months ago
• antonioCoco / JuicyPotatoNG

  View on GitHub
  Another Windows Local Privilege Escalation from Service Account to System
  ☆956Nov 12, 2022Updated 3 years ago
• decoder-it / LocalPotato

  View on GitHub
  ☆707Nov 7, 2023Updated 2 years ago
• Ridter / noPac

  View on GitHub
  Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
  ☆1,013Jan 29, 2023Updated 3 years ago
• ropnop / kerbrute

  View on GitHub
  A tool to perform Kerberos pre-auth bruteforcing
  ☆3,344Aug 20, 2024Updated last year
• fortra / nanodump

  View on GitHub
  The swiss army knife of LSASS dumping
  ☆2,118Sep 17, 2024Updated last year
• calebstewart / CVE-2021-1675

  View on GitHub
  Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare)
  ☆1,098Jul 5, 2021Updated 4 years ago
• zcgonvh / EfsPotato

  View on GitHub
  Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).
  ☆824Dec 14, 2023Updated 2 years ago
• CravateRouge / bloodyAD

  View on GitHub
  BloodyAD is an Active Directory Privilege Escalation Framework
  ☆2,204May 13, 2026Updated 3 weeks ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• cube0x0 / CVE-2021-1675

  View on GitHub
  C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527
  ☆1,985Jul 20, 2021Updated 4 years ago
• nicocha30 / ligolo-ng

  View on GitHub
  An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
  ☆4,608Feb 15, 2026Updated 3 months ago
• S3cur3Th1sSh1t / MultiPotato

  View on GitHub
  ☆536Nov 20, 2021Updated 4 years ago
• ohpe / juicy-potato

  View on GitHub
  A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts t…
  ☆2,787Dec 18, 2021Updated 4 years ago
• 61106960 / adPEAS

  View on GitHub
  Powershell tool to automate Active Directory enumeration.
  ☆1,327Updated this week
• hlldz / RefleXXion

  View on GitHub
  RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, …
  ☆500Jan 25, 2022Updated 4 years ago
• r3motecontrol / Ghostpack-CompiledBinaries

  View on GitHub
  Compiled Binaries for Ghostpack
  ☆1,693Oct 24, 2024Updated last year
• dirkjanm / krbrelayx

  View on GitHub
  Kerberos relaying and unconstrained delegation abuse toolkit
  ☆1,608Mar 11, 2026Updated 2 months ago
• KaLendsi / CVE-2022-21882

  View on GitHub
  win32k LPE
  ☆462Jan 27, 2022Updated 4 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• cube0x0 / KrbRelay

  View on GitHub
  Framework for Kerberos relaying
  ☆950May 29, 2022Updated 4 years ago
• GhostPack / Certify

  View on GitHub
  Active Directory certificate abuse.
  ☆1,982Mar 30, 2026Updated 2 months ago
• Dec0ne / KrbRelayUp

  View on GitHub
  KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default…
  ☆1,652Aug 6, 2022Updated 3 years ago
• Pennyw0rth / NetExec

  View on GitHub
  The Network Execution Tool
  ☆5,587Updated this week
• peass-ng / PEASS-ng

  View on GitHub
  PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
  ☆19,943Updated this week
• antonioCoco / ConPtyShell

  View on GitHub
  ConPtyShell - Fully Interactive Reverse Shell for Windows
  ☆1,222Jan 20, 2023Updated 3 years ago
• dirkjanm / BloodHound.py

  View on GitHub
  A Python based ingestor for BloodHound
  ☆2,401Oct 24, 2025Updated 7 months ago