Lab exercises to practice privilege escalation scenarios in AWS IAM. These exercises and the slides go through the basics behind AWS IAM, common weaknesses in AWS deployments, specific to IAM, and how to exploit them manually. This was run as a workshop at BruCon 2019.
☆16Oct 31, 2019Updated 6 years ago
Alternatives and similar repositories for privilege_escalation
Users that are interested in privilege_escalation are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- View screenshots as a slideshow over http☆15Mar 13, 2020Updated 6 years ago
- Lab that will help you to understand how type juggling vulnerability works.☆22Sep 23, 2020Updated 5 years ago
- This contains common OSCP local exploits and enumeration scripts☆12Sep 18, 2015Updated 10 years ago
- Tool to enumerate potential security misconfigurations, allowing for privilege escalation on a windows machine.☆11Nov 22, 2019Updated 6 years ago
- Proof-of-concept CORS exploitation tool.☆35Sep 7, 2019Updated 6 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Work files for my blog post "Code Caving in a PE file.☆16Dec 18, 2016Updated 9 years ago
- A curated list of awesome AWS IAM tools, libraries guides, blogs, and other resources☆17Jan 5, 2020Updated 6 years ago
- PowerShell script to help with privilege escalation on a compromised Windows box.☆23Mar 3, 2019Updated 7 years ago
- Hack Windows with FUD backdoor/payload, Escalates LINUX privileges, Devastate Linux, Tunnel forwarding☆16Nov 10, 2020Updated 5 years ago
- This repository mainly focuses on various techniques, tools, frameworks and approach to perform offensive exploitation of AWS infrastruct…☆12Jun 12, 2019Updated 7 years ago
- Python script to give you subsets of the nmap "top-ports". For example, I want the 10th to 100th most common TCP ports. Spits out a comma…☆18Mar 8, 2020Updated 6 years ago
- Automate Recon process using Shell Scripting☆11Nov 26, 2021Updated 4 years ago
- libssh CVE-2018-10933☆22Oct 20, 2018Updated 7 years ago
- Tools and resources for web app hacking. The payloads.txt documents are a must have for your Burpsuite intruder payload armory. They've h…☆28Jun 10, 2019Updated 7 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- A Burpsuite extension written in Python to perform basic validation fuzzing☆11Oct 7, 2022Updated 3 years ago
- Python based module to find common vulnerabilities which lead to Windows privilege escalation☆30Sep 26, 2016Updated 9 years ago
- How to install a PCE simplified.☆17Jun 17, 2026Updated 2 weeks ago
- A tool to scan for .DS_Store files on webservers☆35Mar 28, 2021Updated 5 years ago
- Packer for PE and ELF, 32 and 64bits.☆23Aug 5, 2013Updated 12 years ago
- Component Services Volatile Environment LPE☆12Jun 28, 2025Updated last year
- The project was upgraded from https://coder.pub/ and supported VS2017. The original author wrote the detailed design ideas documentation…☆20Sep 18, 2017Updated 8 years ago
- PoC code for CVE-2020-16939 Windows Group Policy DACL Overwrite Privilege Escalation☆12Oct 27, 2020Updated 5 years ago
- ☆13Jul 29, 2025Updated 11 months ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Code and notes regarding Malware Development☆11Oct 30, 2022Updated 3 years ago
- The Recon scanning tool scans websites for open files & directories specified in the custom config file. Default server configuration fil…☆15Apr 4, 2018Updated 8 years ago
- Simple webinterface combining different recon tools.☆12Mar 2, 2018Updated 8 years ago
- Store ZAP reports historically and compare current ZAP results against the most recent for changes in alerts.☆12Jun 10, 2026Updated 3 weeks ago
- ☆10Oct 30, 2019Updated 6 years ago
- A windows kernel driver to Block symbolic link exploit used for privilege escalation.☆15Jul 30, 2020Updated 5 years ago
- Expired FUD .exe crypter☆14Aug 21, 2016Updated 9 years ago
- Proof of concept about the privilege escalation flaw identified in Google's Osconfig☆10Sep 20, 2020Updated 5 years ago
- The wordlists that have been compiled using disclosed reports at HackerOne bug bounty platform☆11Jun 28, 2020Updated 6 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Boxer: A fast directory bruteforce tool written in Python with concurrency.☆14Feb 26, 2021Updated 5 years ago
- Pghostile is a tool to automate the exploitation of PostgreSQL® specific vulnerabilities that could lead to privilege escalation. It can …☆11Aug 17, 2023Updated 2 years ago
- $ curl -sL sub.sh | bash☆17Aug 7, 2023Updated 2 years ago
- Red Teaming utilities that I can open source. Used in various tests and CTFS☆12Aug 19, 2024Updated last year
- the Open Source Windows Privilege Escalation Guide☆10May 22, 2026Updated last month
- This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…☆48Feb 27, 2019Updated 7 years ago
- URL-encode data streams via commandline☆14Oct 26, 2019Updated 6 years ago