Lab exercises to practice privilege escalation scenarios in AWS IAM. These exercises and the slides go through the basics behind AWS IAM, common weaknesses in AWS deployments, specific to IAM, and how to exploit them manually. This was run as a workshop at BruCon 2019.
☆16Oct 31, 2019Updated 6 years ago
Alternatives and similar repositories for privilege_escalation
Users that are interested in privilege_escalation are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- View screenshots as a slideshow over http☆15Mar 13, 2020Updated 6 years ago
- Lab that will help you to understand how type juggling vulnerability works.☆22Sep 23, 2020Updated 5 years ago
- This contains common OSCP local exploits and enumeration scripts☆12Sep 18, 2015Updated 10 years ago
- Tool to enumerate potential security misconfigurations, allowing for privilege escalation on a windows machine.☆11Nov 22, 2019Updated 6 years ago
- Proof-of-concept CORS exploitation tool.☆35Sep 7, 2019Updated 6 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Work files for my blog post "Code Caving in a PE file.☆16Dec 18, 2016Updated 9 years ago
- PowerShell script to help with privilege escalation on a compromised Windows box.☆23Mar 3, 2019Updated 7 years ago
- Hack Windows with FUD backdoor/payload, Escalates LINUX privileges, Devastate Linux, Tunnel forwarding☆16Nov 10, 2020Updated 5 years ago
- Python script to give you subsets of the nmap "top-ports". For example, I want the 10th to 100th most common TCP ports. Spits out a comma…☆18Mar 8, 2020Updated 6 years ago
- libssh CVE-2018-10933☆22Oct 20, 2018Updated 7 years ago
- Tools and resources for web app hacking. The payloads.txt documents are a must have for your Burpsuite intruder payload armory. They've h…☆28Jun 10, 2019Updated 6 years ago
- A Burpsuite extension written in Python to perform basic validation fuzzing☆11Oct 7, 2022Updated 3 years ago
- Packer for PE and ELF, 32 and 64bits.☆22Aug 5, 2013Updated 12 years ago
- Component Services Volatile Environment LPE☆12Jun 28, 2025Updated 10 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- PoC code for CVE-2020-16939 Windows Group Policy DACL Overwrite Privilege Escalation☆12Oct 27, 2020Updated 5 years ago
- Code and notes regarding Malware Development☆11Oct 30, 2022Updated 3 years ago
- The Recon scanning tool scans websites for open files & directories specified in the custom config file. Default server configuration fil…☆15Apr 4, 2018Updated 8 years ago
- Simple webinterface combining different recon tools.☆12Mar 2, 2018Updated 8 years ago
- ☆10Oct 30, 2019Updated 6 years ago
- A windows kernel driver to Block symbolic link exploit used for privilege escalation.☆15Jul 30, 2020Updated 5 years ago
- Proof of concept about the privilege escalation flaw identified in Google's Osconfig☆10Sep 20, 2020Updated 5 years ago
- The wordlists that have been compiled using disclosed reports at HackerOne bug bounty platform☆10Jun 28, 2020Updated 5 years ago
- Boxer: A fast directory bruteforce tool written in Python with concurrency.☆14Feb 26, 2021Updated 5 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Pghostile is a tool to automate the exploitation of PostgreSQL® specific vulnerabilities that could lead to privilege escalation. It can …☆11Aug 17, 2023Updated 2 years ago
- $ curl -sL sub.sh | bash☆17Aug 7, 2023Updated 2 years ago
- the Open Source Windows Privilege Escalation Guide☆10Updated this week
- This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…☆48Feb 27, 2019Updated 7 years ago
- URL-encode data streams via commandline☆14Oct 26, 2019Updated 6 years ago
- Display Languages Volatile Environment LPE☆12Jun 28, 2025Updated 10 months ago
- Process Monitor filter for finding privilege escalation vulnerabilities on Windows☆79Jun 9, 2021Updated 4 years ago
- ☆14Nov 29, 2019Updated 6 years ago
- A bunch of tricks and configs to configure a work environment for web pentesting☆13Oct 1, 2018Updated 7 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- WaybackRust is a tool written in Rust to query the WaybackMachine.☆15Jul 18, 2025Updated 10 months ago
- A powerful containerized tool that automatically downloads, extracts, and scans packages from PyPI and npm for embedded secrets, API keys…☆20Jul 25, 2025Updated 10 months ago
- *Unofficial* lgtm.com CLI — Use at your own risk. Also don't add more than 3K projects to "My projects" list.☆13Feb 21, 2022Updated 4 years ago
- Osquery Packs we use for customer security hardening☆12Jun 30, 2025Updated 10 months ago
- Curso realizado por Ricardo Narvaja de CrackLatinos (Mirror) http://ricardonarvaja.info☆12May 28, 2018Updated 7 years ago
- A tool to abuse Exchange services☆12Mar 18, 2024Updated 2 years ago
- Training for SQL injections☆36Feb 3, 2019Updated 7 years ago