Lab exercises to practice privilege escalation scenarios in AWS IAM. These exercises and the slides go through the basics behind AWS IAM, common weaknesses in AWS deployments, specific to IAM, and how to exploit them manually. This was run as a workshop at BruCon 2019.
☆16Oct 31, 2019Updated 6 years ago
Alternatives and similar repositories for privilege_escalation
Users that are interested in privilege_escalation are comparing it to the libraries listed below
Sorting:
- Tool to enumerate potential security misconfigurations, allowing for privilege escalation on a windows machine.☆11Nov 22, 2019Updated 6 years ago
- Hack Windows with FUD backdoor/payload, Escalates LINUX privileges, Devastate Linux, Tunnel forwarding☆15Nov 10, 2020Updated 5 years ago
- View screenshots as a slideshow over http☆15Mar 13, 2020Updated 5 years ago
- PowerShell script to help with privilege escalation on a compromised Windows box.☆23Mar 3, 2019Updated 7 years ago
- Lab that will help you to understand how type juggling vulnerability works.☆22Sep 23, 2020Updated 5 years ago
- Tools and resources for web app hacking. The payloads.txt documents are a must have for your Burpsuite intruder payload armory. They've h…☆28Jun 10, 2019Updated 6 years ago
- Python based module to find common vulnerabilities which lead to Windows privilege escalation☆30Sep 26, 2016Updated 9 years ago
- Proof-of-concept CORS exploitation tool.☆35Sep 7, 2019Updated 6 years ago
- Uma ferramenta WEB de segurança open source de redes de computadores com Nmap, honeypot, vulnerabilidade de equipamentos de rede etc.☆10Mar 15, 2021Updated 4 years ago
- Process Monitor filter for finding privilege escalation vulnerabilities on Windows☆79Jun 9, 2021Updated 4 years ago
- Helper scripts to assist penetration testing and exploit development☆35Dec 11, 2024Updated last year
- A tool to scan for .DS_Store files on webservers☆35Mar 28, 2021Updated 4 years ago
- Curso realizado por Ricardo Narvaja de CrackLatinos (Mirror) http://ricardonarvaja.info☆12May 28, 2018Updated 7 years ago
- My home server infrastructure as code☆16Updated this week
- Template Obsidian.md Vault☆12Feb 29, 2024Updated 2 years ago
- How to install a PCE simplified.☆17Jan 11, 2026Updated last month
- Python script to give you subsets of the nmap "top-ports". For example, I want the 10th to 100th most common TCP ports. Spits out a comma…☆18Mar 8, 2020Updated 5 years ago
- ☆11Jul 29, 2025Updated 7 months ago
- Networking Tools for Calculations & Scans☆12Dec 11, 2023Updated 2 years ago
- Red Teaming utilities that I can open source. Used in various tests and CTFS☆12Aug 19, 2024Updated last year
- A Golang Implementation of a non-interactive Schnorr ZKP over Elliptic Curves☆10Sep 1, 2019Updated 6 years ago
- Osquery Packs we use for customer security hardening☆12Jun 30, 2025Updated 8 months ago
- Looking for React.js jobs? Here are the most popular React Interview Questions and Answers which are most likely to be asked by the inter…☆10Jul 18, 2020Updated 5 years ago
- Tracking Google Enterprise Android Devices☆21Updated this week
- The wordlists that have been compiled using disclosed reports at HackerOne bug bounty platform☆10Jun 28, 2020Updated 5 years ago
- A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.☆10Sep 17, 2019Updated 6 years ago
- 基于机器学习的Webshell检测工具☆12May 15, 2023Updated 2 years ago
- Proof of concept about the privilege escalation flaw identified in Google's Osconfig☆10Sep 20, 2020Updated 5 years ago
- A powerful containerized tool that automatically downloads, extracts, and scans packages from PyPI and npm for embedded secrets, API keys…☆18Jul 25, 2025Updated 7 months ago
- A Burpsuite extension written in Python to perform basic validation fuzzing☆11Oct 7, 2022Updated 3 years ago
- Solutions for various crackmes☆20Jan 13, 2013Updated 13 years ago
- w4b-file : WebFile Analyzer is an advanced command-line utility meticulously crafted for web developers, security professionals, and rese…☆11Nov 16, 2023Updated 2 years ago
- A Postfix filter which takes a piped message and submits it to Cuckoo Sandbox☆11Apr 3, 2016Updated 9 years ago
- Expand urls into one url for each path depth☆31Jul 29, 2020Updated 5 years ago
- Script spam sms termux☆14Aug 24, 2020Updated 5 years ago
- ☆11May 2, 2022Updated 3 years ago
- Gets currently logged-on users on domain computers, to see if they are local admins or not.☆10Aug 14, 2019Updated 6 years ago
- Windows privileges add to the complexity of Windows user permissions. Each additional user added to a group could lead to a domain compro…☆10Mar 2, 2018Updated 8 years ago
- ☆14May 1, 2018Updated 7 years ago