Added LinPEAS to Linux Privesc.
I very strongly recommend adding LinPEAS to the enumeration tools. LinPEAS is arguably the best linux privesc enumeration tool out there. If you haven't used it, I'd try it out. It highlights all relevant information with color coded text, and you can pass it parameters to control the thoroughness of the scan. You should add WinPEAS for windows privesc as well.patch-1
parent
1f96d34ddf
commit
ff3b45e0b7
|
@ -50,6 +50,19 @@
|
||||||
|
|
||||||
## Tools
|
## Tools
|
||||||
|
|
||||||
|
There are many scripts that you can execute on a linux machine which automatically enumerate sytem information, processes, and files to locate privilege escelation vectors.
|
||||||
|
Here are a few:
|
||||||
|
|
||||||
|
- [LinPEAS - Linux Privilege Escalation Awesome Script](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/linPEAS)
|
||||||
|
|
||||||
|
```powershell
|
||||||
|
wget "https://raw.githubusercontent.com/carlospolop/privilege-escalation-awesome-scripts-suite/master/linPEAS/linpeas.sh" -O linpeas.sh
|
||||||
|
curl "https://raw.githubusercontent.com/carlospolop/privilege-escalation-awesome-scripts-suite/master/linPEAS/linpeas.sh" -o linpeas.sh
|
||||||
|
./linpeas.sh -a #all checks - deeper system enumeration, but it takes longer to complete.
|
||||||
|
./linpeas.sh -s #superfast & stealth - This will bypass some time consuming checks. In stealth mode Nothing will be written to the disk.
|
||||||
|
./linpeas.sh -P #Password - Pass a password that will be used with sudo -l and bruteforcing other users
|
||||||
|
```
|
||||||
|
|
||||||
- [LinuxSmartEnumeration - Linux enumeration tools for pentesting and CTFs](https://github.com/diego-treitos/linux-smart-enumeration)
|
- [LinuxSmartEnumeration - Linux enumeration tools for pentesting and CTFs](https://github.com/diego-treitos/linux-smart-enumeration)
|
||||||
|
|
||||||
```powershell
|
```powershell
|
||||||
|
|
Loading…
Reference in New Issue