Particle42
  • ๐Ÿ”ฌNetwork Enumeration
    • NMAP
    • TCPdump
  • ๐Ÿ”ญWebsite Enumeration
    • Passive Information Gathering
    • Subdomain Enumeration
  • ๐Ÿ–ฅ๏ธWeb Application
    • URL & App Scan
    • Subdomain/Vhost Fuzz
    • Login Hack
    • Cross Site Scripting
    • Directory Traversal
    • Local File Inclusion
    • Remote File Inclusion
    • PHP Wrappers
    • SQL Injection
      • Bypass Authentication
      • Database Enumeration
      • Code Execution Via Injection
      • SQL Injection Tools
      • Other Resources
    • NOSQL Injection
      • Bypass Authentication
    • WordPress Scanner
    • Hints & Easter Eggs
  • ๐ŸŽฃPhishing
    • Client Info Gathering
    • HTA
    • Word Macros
    • Windows Library Files
  • ๐ŸชŸWindows
    • Enumeration & PE Quick Ref
    • Enumeration
      • Users
      • Powershell History
      • System Details
      • Applications & Services
      • Files & Filesystems
      • Cached Creds
    • Windows PE
      • Windows PE Checklist
      • Service Binary Hijacking
      • Important Files
      • Service DLL Hijacking
      • Unquoted Service Paths
      • Other PE Methods
      • Finding PE Vulns
      • SeImpersonatePrivilege
      • Bypassuac using Bypassuac.exe
      • Bypassuac using eventviewer.exe
      • Rasta Watson
    • Windows Remote Access
  • ๐Ÿ“‚Active Directory
    • About
    • Important Definitions
    • Exploitation Methodology
    • AD Kerberos
      • Invoke-Kerberoast - Shortcut
    • Domain Recon
      • Auto Recon
    • AD Authentication Attacks
      • Password Guessing
      • Creating & Cracking TGS
      • Kerberoasting
    • Lateral Movement
      • Pass the Hash
      • Overpass the Hash
      • Pass the Ticket
      • Distributed Component Object Model
      • Golden Ticket
      • Shadow Copy
      • Domain Controller Sync
      • Windows Management Instrumentation
      • PowerShell Remoting
    • All Commands, Tools & Scripts
      • Using Crackmapexec
      • Using Powerview
      • Important Scripts & Links
  • ๐ŸบBuffer Over Flow
    • Finding EIP Position
    • Eliminating Bad Characters
    • Finding Return Address
    • Payload for BOF
  • ๐ŸงLinux
    • Enumeration
      • Users
      • Encrypted Files
      • System Info
      • Files & Filesystems
      • Applications & Services
    • Attack Vectors
      • Authorised Keys
    • Linux PE
      • Enumeration Commands
      • Finding PE Vulns
      • Check Sudo List
      • Add User to Passwd File
      • SUIDs
      • Tasks with Wildcard
      • Dirty Cow
      • DirtyPipe
      • Insecure File Permissions
      • Enumerating Processes
    • Quick Commands
  • Services
    • SMB
      • Find Server Version
      • Directory Traversal using Symlink
      • Enable Passwordless SMB Access
    • MSSQL
    • MYSQL
    • PHPLiteAdmin
    • SSH
      • Limited Keys Issue
    • SMTP
      • Sending Email
    • Webdav
    • DNS
      • DNS Recon
  • โ†—๏ธPivoting
    • Bringing Internet Access
    • Port Forwarding
      • Local Port Forwarding
      • Remote Port Forwarding
      • Dynamic Port Forwarding
    • HTTP Tunnel-ing
    • DNS Tunneling
    • Chisel
    • Ligolo-NG
  • ๐Ÿ”‘Passwords
    • Wordlist Generation
    • HTTP Applications
    • OS Login
    • Password Cracking
      • Using Hashes Directly
      • Cracking Hashes
    • SAM & System
  • ๐Ÿ› ๏ธPractical Tools
    • Remote Shell
      • Alternate Reverse Shells
      • Move to Interactive Shell
    • File Transfers
      • Quick Webservers
    • CURL
    • Payloads
      • MSFVenom
      • Veil Framework
    • Crafty Executable
    • Metasploit
      • Discovery
    • IMPACKET
      • MSSQL-Client
    • Clever Alternatives
  • ๐Ÿš€Privilege Escalation
    • General Info
  • โšกResources
    • Exploits
Powered by GitBook
On this page
  • LinPeas
  • LinEnum
  • Linux Exploit Suggester 1 & 2
  • Linuxprivchecker

Was this helpful?

  1. Linux
  2. Linux PE

Finding PE Vulns

PreviousEnumeration CommandsNextCheck Sudo List

Last updated 2 years ago

Was this helpful?

Here is a list of commands and scripts that you can use to identify privilege escalation vulnerabilities in a Linux system.

LinPeas

This is one of the best scripts out there to check for Privilege Escalation vulnerabilities in a Linux system. The script outputs color coded attack vectors that are indicative of most probable to least probable or impossible.

LinEnum

Linux Exploit Suggester 1 & 2

LES can check for most of security settings available in your Linux kernel. The exposure for each exploit is listed from highly probable to least probable.

Linuxprivchecker

This is another privilege escalation checker that relies on python. Needless to say it does a similar job as the LinPeas but using python.

๐Ÿง
PEASS-ng/linPEAS at master ยท carlospolop/PEASS-ngGitHub
GitHub - rebootuser/LinEnum: Scripted Local Linux Enumeration & Privilege Escalation ChecksGitHub
GitHub - The-Z-Labs/linux-exploit-suggester: Linux privilege escalation auditing toolGitHub
GitHub - jondonas/linux-exploit-suggester-2: Next-Generation Linux Kernel Exploit SuggesterGitHub
GitHub - sleventyeleven/linuxprivchecker: linuxprivchecker.py -- a Linux Privilege Escalation Check ScriptGitHub
Logo
Logo
Logo
Logo
Logo