# Automated Privilege Escalation Scanners > Search results for `automate privilege escalation checks on Linux and Windows` on awesome-repositories.com. 117 total matches; showing the first 50. Explore on the web: https://awesome-repositories.com/q/automate-privilege-escalation-checks-on-linux-and-windows **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [this search on awesome-repositories.com](https://awesome-repositories.com/q/automate-privilege-escalation-checks-on-linux-and-windows).** ## Results - [carlospolop/privilege-escalation-awesome-scripts-suite](https://awesome-repositories.com/repository/carlospolop-privilege-escalation-awesome-scripts-suite.md) (20,003 ⭐) — This project is a post-exploitation framework and privilege escalation script suite designed to scan local system configurations for security gaps. It serves as a system enumeration toolset used to identify paths for gaining higher administrative privileges on a target host. The suite incorporates capabilities for security penetration testing and vulnerability assessment reporting. It uses shell-based system enumeration and pattern-based vulnerability matching to detect misconfigurations, while employing heuristic-based permission analysis to evaluate system flags. Findings are gathered through system enumeration analysis and can be exported into structured JSON, HTML, or PDF formats for reporting. The framework utilizes cross-platform scripting logic to maintain consistent scanning logic across different operating systems. - [dockur/windows](https://awesome-repositories.com/repository/dockur-windows.md) (51,718 ⭐) — This project provides a containerized virtualization engine that runs full Windows operating system instances within isolated containers. By acting as a cross-platform virtualization runtime, it enables the deployment of desktop environments on any host that supports standard container runtimes, ensuring consistent execution across diverse infrastructure. The system distinguishes itself by utilizing kernel-level virtualization primitives and hardware emulation to execute guest operating systems. It leverages accelerated kernel execution to offload CPU instructions to the host processor for performance, while simultaneously employing hardware emulation to allow non-native hosts to run unmodified guest binaries. This combination allows for the creation of ephemeral, reproducible desktop environments that can be managed through standard orchestration tools and command-line interfaces. The platform supports automated infrastructure deployment by treating Windows instances as lightweight, containerized workloads. It manages persistent storage through virtual disk overlays and utilizes layered image composition to facilitate rapid deployment. These capabilities enable the encapsulation of legacy applications and support cross-platform testing of Windows-specific software without requiring dedicated physical hardware. - [adaptivethreat/bloodhound](https://awesome-repositories.com/repository/adaptivethreat-bloodhound.md) (10,552 ⭐) — Bloodhound is an Active Directory attack path mapper and security auditor designed to visualize trust relationships and permission chains. It serves as an attack surface management tool that identifies paths to domain administrator and other high-privileged accounts. The project uses a graph database analyzer to map complex identity and access relationships. It quantifies the risk of privilege escalation by identifying misconfigured permissions and trust links within Windows domains. The system provides capabilities for Active Directory security analysis, identity and access auditing, and network attack path visualization to detect potential security vulnerabilities. - [ausjock/privilege-escalation](https://awesome-repositories.com/repository/ausjock-privilege-escalation.md) (0 ⭐) - [mas-cli/mas](https://awesome-repositories.com/repository/mas-cli-mas.md) (12,235 ⭐) — This project provides a command-line interface for managing the lifecycle of applications from the Apple App Store. It functions as a package manager for macOS, enabling users to search for software, install new applications, and maintain existing installations directly through terminal commands. The tool distinguishes itself by wrapping private system APIs to perform store operations that are typically restricted to the graphical user interface. It integrates with the operating system to handle administrative privilege elevation, allowing for secure, automated modifications to protected application files during installation and update processes. Beyond basic installation, the utility facilitates system maintenance by auditing installed software and comparing local versions against official store metadata. This allows for the identification of outdated applications and the automation of software updates across multiple machines, supporting consistent environment provisioning through scripted workflows. - [getgrav/grav](https://awesome-repositories.com/repository/getgrav-grav.md) (15,395 ⭐) — Grav is a flat-file content management system that eliminates the need for a traditional database by storing site content and configuration in human-readable Markdown and YAML files. Built as a modular PHP web framework, it uses a hierarchical page routing system where the physical directory structure directly determines the site's URL paths. The platform is distinguished by its event-driven plugin architecture and a command-line interface that prioritizes system administration, deployment, and maintenance tasks. It utilizes a blueprint-driven system to generate administrative forms from structured data schemas, allowing for complex content management without requiring custom code. A secure, sandboxed templating engine handles the rendering of content into HTML, supporting template inheritance and custom filters. The system provides a comprehensive suite of capabilities, including advanced media processing, multi-language support, and granular access control. It features robust automation tools for scheduling background tasks, managing site backups, and synchronizing content via version control. Developers can extend the core functionality through a modular plugin system, which allows for deep integration with external services and custom logic injection throughout the application lifecycle. The project is designed for flexible deployment, supporting containerized environments and standard web server configurations. It includes extensive documentation and CLI tools to facilitate local development, package management, and automated system updates. - [kabot/unix-privilege-escalation-exploits-pack](https://awesome-repositories.com/repository/kabot-unix-privilege-escalation-exploits-pack.md) (821 ⭐) — Exploits for getting local root on Linux, BSD, AIX, HP-UX, Solaris, RHEL, SUSE etc. - [malwaredllc/byob](https://awesome-repositories.com/repository/malwaredllc-byob.md) (9,478 ⭐) — This project is a post-exploitation framework and command and control platform designed for security research and penetration testing. It functions as a remote access tool consisting of a central command server and encrypted executable payloads that establish reverse shell connections. The system utilizes a web-based dashboard for multi-client administration, allowing for remote host monitoring and direct shell access through an in-browser terminal. It generates cross-platform, encrypted binaries that employ a multi-stage delivery chain and a key exchange mechanism to secure communications. The platform includes capabilities for in-memory module execution to avoid disk artifacts, alongside sandbox and virtual machine detection to evade security software. Its functional surface covers post-exploitation tasks such as remote privilege escalation and data collection through a suite of modules for keystroke capture and network sniffing. - [google-gemini/gemini-cli](https://awesome-repositories.com/repository/google-gemini-gemini-cli.md) (105,341 ⭐) — This project provides a command-line interface for managing autonomous agent workflows, task orchestration, and system-level automation. It includes a comprehensive framework for defining agent skills, managing persistent memory, and delegating tasks to specialized subagents. Users can configure complex planning modes, execute shell commands with safety constraints, and integrate external tools through standardized protocols. The platform supports non-interactive execution via a headless mode and provides an event-driven hook framework for custom lifecycle automation. It features centralized configuration for model routing, system prompts, and cost management, alongside a modular extension system for adding custom commands and capabilities. The interface also includes diagnostic tools, file system management utilities, and repository-level automation for maintenance tasks. - [checkly/terraform-provider-checkly](https://awesome-repositories.com/repository/checkly-terraform-provider-checkly.md) (44 ⭐) — Terraform provider for the Checkly monitoring service - [hiddify/hiddify-app](https://awesome-repositories.com/repository/hiddify-hiddify-app.md) (30,948 ⭐) — Hiddify is a cross-platform proxy client designed to manage secure network connections and traffic routing across desktop and mobile operating systems. It functions as a unified proxy manager, providing a centralized interface to configure and control various network proxy protocols for encrypted and private internet access. The application distinguishes itself by integrating local loopback interception, which configures the operating system network stack to route traffic through a local port for granular filtering. It also serves as a self-hosted infrastructure tool, enabling users to automate the deployment of private proxy servers on remote infrastructure through simplified command-line initialization. The system maintains consistency across environments by synchronizing remote server states through declarative configuration files and utilizing an event-driven daemon to monitor proxy health and network state changes. It employs a shared bridge layer to interact with native system APIs and firewall rules, while bundling all necessary dependencies into a singular, self-contained executable package. - [peass-ng/peass-ng](https://awesome-repositories.com/repository/peass-ng-peass-ng.md) (19,337 ⭐) — PEASS-ng is an automated penetration testing framework designed to identify privilege escalation vectors on local systems. It functions as a security assessment utility that scans environments for misconfigurations, sensitive files, and insecure permissions to uncover paths for unauthorized privilege elevation. The project distinguishes itself through a modular script-based enumeration engine that adapts to the target environment. It utilizes environment-aware capability detection and cross-platform shell abstraction to normalize data collection across diverse operating systems, while operating primarily within volatile memory to minimize its forensic footprint. The framework covers a broad range of post-exploitation assessment tasks, including automated security auditing for both Linux and Windows environments. It employs pattern-matching heuristic analysis to systematically query system configurations and identify security gaps during authorized security assessments. - [powershellempire/empire](https://awesome-repositories.com/repository/powershellempire-empire.md) (7,843 ⭐) — Empire is a post-exploitation framework and command and control server designed to manage remote access agents. It provides a centralized system for coordinating these agents and executing specialized scripts across target systems. The project functions as a security evasion tool by adapting network communication patterns to bypass firewalls and monitoring tools. It utilizes a multi-language agent runtime and a modular plugin architecture to execute payloads across different operating systems. The framework covers a broad range of operational capabilities, including remote agent orchestration, privilege escalation workflows, and intelligence gathering. It also manages the deployment and lifecycle of remote agents to maintain persistent system control. - [sagishahar/lpeworkshop](https://awesome-repositories.com/repository/sagishahar-lpeworkshop.md) (2,091 ⭐) — Windows / Linux Local Privilege Escalation Workshop - [homebrew/homebrew-core](https://awesome-repositories.com/repository/homebrew-homebrew-core.md) (15,383 ⭐) — This project is a Ruby-based package definition repository that functions as a cross-platform package manager and software dependency resolver for macOS and Linux. It provides a centralized system for installing, updating, and managing software through a Git-based distribution model. The system distinguishes itself through a binary package distribution network that produces pre-compiled bottles to avoid local compilation from source. It utilizes a Ruby-based domain specific language to define installation recipes and employs a distributed version control architecture to synchronize these definitions across a global network of users. The project covers a broad surface of capabilities including declarative dependency resolution, checksum-based integrity verification, and sandbox-isolated build processes. It also includes tools for background service management, automated package maintenance, and the integration of third-party repositories. The repository contains the collection of installation recipes and dependency specifications used to automate software provisioning. - [homebrew/legacy-homebrew](https://awesome-repositories.com/repository/homebrew-legacy-homebrew.md) (26,849 ⭐) — This project is a command line package manager and dependency management engine used for installing, updating, and removing software packages across different operating systems. It functions as a package recipe system and software repository administrator, utilizing declarative scripts to define software sources, build arguments, and installation steps. The system operates as a binary distribution platform that compiles source code into pre-compiled binaries and distributes them through remote repositories. It includes an automated version tracker that monitors upstream software releases and automates version updates via pull requests to keep the software library current. The project provides broad capabilities for build environment configuration, ensuring reproducible builds through standardized compilation flags and isolated environments. It manages language-specific runtimes for Python, Node, and Java, including the creation of isolated virtual environments to prevent dependency conflicts. Additionally, it includes security primitives for checksum verification, build provenance validation, and repository trust management. The interface is extended via command-line tools that support unattended installation, system health diagnostics, and the management of background services. - [powershellmafia/powersploit](https://awesome-repositories.com/repository/powershellmafia-powersploit.md) (12,880 ⭐) — PowerSploit is a collection of PowerShell modules designed for security assessment, penetration testing, and red team operations. It provides a framework for auditing Windows system configurations and evaluating the effectiveness of security defenses within an enterprise environment. The framework focuses on techniques that leverage native system administration tools and scripting environments to perform operations. It includes capabilities for executing arbitrary commands, escalating user privileges, and maintaining system persistence through event subscriptions. By utilizing in-memory execution and reflective loading, the modules allow for the operation of payloads without writing files to the disk, assisting in the simulation of advanced adversary behavior. Beyond core exploitation tasks, the project supports network reconnaissance and the modification of existing scripts to test system responses. These tools are intended for authorized security assessments and the hardening of individual workstations against potential vulnerabilities. - [sleventyeleven/linuxprivchecker](https://awesome-repositories.com/repository/sleventyeleven-linuxprivchecker.md) (1,808 ⭐) — linuxprivchecker.py -- a Linux Privilege Escalation Check Script - [hfiref0x/uacme](https://awesome-repositories.com/repository/hfiref0x-uacme.md) (7,375 ⭐) — UACME is a set of specialized tools designed to audit security configurations, escalate user privileges, and circumvent access control restrictions on Windows systems. It functions as a utility for executing commands with elevated privileges by bypassing User Account Control restrictions. The project includes a configuration auditor used to extract and analyze system settings to identify security misconfigurations and vulnerabilities. It provides a collection of techniques for gaining administrative rights on a host. The toolset covers a wide range of privilege escalation and security auditing methodologies. This includes the use of registry modification, token manipulation, and the exploitation of trusted system binaries via DLL hijacking and COM interface manipulation to achieve high-integrity process execution. - [homebrew/brew](https://awesome-repositories.com/repository/homebrew-brew.md) (48,527 ⭐) — Homebrew is a command-line package management tool designed to automate the installation, configuration, and maintenance of software on local development environments. It functions as a cross-platform software distributor, enabling users to install tools from pre-compiled binary archives or source code without requiring administrative privileges. By managing complex dependency trees and versioning, it ensures that software remains consistent and compatible across different system architectures. The project distinguishes itself through a declarative approach to system configuration, allowing users to define and synchronize their desired software state using a domain-specific language. It leverages version-controlled repositories for package definitions, which facilitates decentralized community contributions and modular management. To maintain system integrity, it executes installations within sandboxed environments and utilizes shim-based wrappers to dynamically manage environment paths, preventing system-wide pollution while providing on-demand installation suggestions. Beyond core package management, the framework provides extensive utilities for development environment orchestration. It supports isolated runtimes for various programming languages, manages environment variables, and offers tools for auditing build integrity and automating package updates. The system also includes features for exporting and importing configuration states, enabling reproducible environments across different machines. - [pgssoft/automate](https://awesome-repositories.com/repository/pgssoft-automate.md) (291 ⭐) — Swift framework containing a set of helpful XCTest extensions for writing UI automation tests - [zoicware/removewindowsai](https://awesome-repositories.com/repository/zoicware-removewindowsai.md) (12,050 ⭐) — RemoveWindowsAI is a Windows system debloater and component removal tool designed to delete protected system files and machine learning libraries by bypassing standard installation restrictions. It functions as an OS customizer and registry optimizer that modifies configuration keys and group policies to disable specific system features and application functionalities. The tool prevents the automatic reinstallation of removed components by marking packages as deprovisioned or deploying dummy update packages. It also enables the restoration of traditional workflows by replacing modern integrated system utilities with legacy application versions. The software covers a broad range of system optimization capabilities, including the removal of background tasks, the deactivation of integrated AI components, and the deletion of restricted system packages. It includes automated cleanup sequences for non-interactive execution and utilities to rollback system changes to restore previously removed settings. - [sofie-automation/sofie-tv-automation](https://awesome-repositories.com/repository/sofie-automation-sofie-tv-automation.md) (0 ⭐) — Sofie is a web-based TV automation system for studios and live shows, used in daily live TV news productions by the Norwegian public service broadcaster NRK since September 2018. - [caddyserver/caddy](https://awesome-repositories.com/repository/caddyserver-caddy.md) (73,492 ⭐) — Caddy is an extensible, modular web server platform designed for high-performance traffic management and automated security. At its core, it functions as a dynamic HTTP gateway that handles request routing, static asset delivery, and reverse proxying through a chain of configurable handler modules. The system is built on a modular architecture that allows developers to extend server functionality by registering custom components, all managed through a unified lifecycle and provisioning framework. What distinguishes Caddy is its focus on automated infrastructure and zero-downtime operations. It provides native, automated HTTPS management by handling the entire lifecycle of TLS certificates, including issuance and renewal via public or private certificate authorities. The server state is managed through a JSON-driven configuration schema that supports atomic, background validation and swapping, enabling real-time updates to routing rules and server settings without interrupting active connections. The platform offers a comprehensive suite of tools for observability and control, including a dedicated administrative API for managing server state and inspecting metrics. It supports complex traffic filtering through flexible request matching, allowing for granular control over how incoming traffic is processed. Developers can define server behavior using a declarative configuration syntax, which the system validates and converts into its native JSON format for deployment. - [zbezj/heu_kms_activator](https://awesome-repositories.com/repository/zbezj-heu-kms-activator.md) (41,965 ⭐) — HEU_KMS_Activator is a software license management tool designed to automate the registration and validation of product keys for operating systems and productivity software suites. It functions as a system configuration manager, modifying registry settings and service states to align software licensing status with specific deployment requirements. The utility distinguishes itself through low-level system manipulation, including the injection of signed drivers into memory to intercept license verification routines. It employs memory patching to bypass security checks without altering files on disk, utilizes system file hooking to redirect internal function calls, and hosts a virtual server to emulate official activation services. These processes are executed with administrative privileges to modify protected configuration files and generate cryptographically signed tokens. Beyond its core activation functions, the tool provides capabilities for software lifecycle administration and system configuration automation. It includes a defined set of project principles to guide development and maintain operational standards for the codebase. - [dandavison/delta](https://awesome-repositories.com/repository/dandavison-delta.md) (31,136 ⭐) — Delta is a command-line pager that enhances the readability of terminal output by applying syntax highlighting and structured formatting to text streams. It functions as a specialized interface for version control systems, transforming standard output into color-coded, human-readable views. The tool distinguishes itself through its ability to render side-by-side diff comparisons and visualize merge conflicts with clear, semantic highlighting. It dynamically calculates column widths and text alignment to fit complex file comparisons within the constraints of a terminal window, while allowing users to map token types to custom color palettes via external configuration files. Beyond diff viewing, the project provides utilities for formatting git blame output, highlighting search results, and displaying line numbers. It processes input line-by-line to maintain a low memory footprint, integrating external language definitions to ensure accurate syntax coloring across various codebases. - [a13xp0p0v/kconfig-hardened-check](https://awesome-repositories.com/repository/a13xp0p0v-kconfig-hardened-check.md) (2,092 ⭐) — A tool for checking the security hardening options of the Linux kernel - [hellzerg/optimizer](https://awesome-repositories.com/repository/hellzerg-optimizer.md) (18,030 ⭐) — This utility provides a centralized administrative framework for managing and optimizing Windows environments. It functions by executing system-level primitives, including registry modifications, service management, and file system operations, to enforce performance, privacy, and security policies. The project distinguishes itself through its template-driven automation, which allows users to apply predefined configuration profiles to ensure consistent system states across machines. It integrates low-level adjustments—such as memory balancing, startup control, and hardware parameter tuning—with a suite of diagnostic tools for network and system integrity. Beyond core performance tuning, the software includes comprehensive management capabilities for software lifecycles, interface customization, and privacy hardening. It facilitates the removal of unwanted applications, the restriction of telemetry services, and the modification of system host files to block unwanted traffic. The tool operates by requesting administrative privileges to perform its maintenance routines and supports command-line arguments for integration into external automation workflows. - [go-check/check](https://awesome-repositories.com/repository/go-check-check.md) (0 ⭐) - [homebridge/homebridge](https://awesome-repositories.com/repository/homebridge-homebridge.md) (25,398 ⭐) — Homebridge is a Node.js home automation server that acts as a bridge to expose non-native smart home devices to Apple HomeKit. It functions as a plugin-based framework that maps proprietary device APIs to standardized home automation services and protocols. The system utilizes a modular plugin architecture and a protocol emulation layer to make third-party hardware appear as native accessories. It further supports cross-platform compatibility by acting as a Matter device bridge, allowing Matter-standard hardware to connect to various home automation controllers. The software includes a web interface for managing plugins and configuration, as well as tools for monitoring system logs and bridge status. It provides mechanisms for isolating plugins into separate child processes to improve system stability and uses mDNS to broadcast device availability on a local network. Homebridge can be deployed across multiple platforms, including NAS devices, routers, and virtual machines. - [addyosmani/agent-skills](https://awesome-repositories.com/repository/addyosmani-agent-skills.md) (60,849 ⭐) — Agent-skills is a collection of structured instructions and behavioral personas designed to standardize how AI coding agents perform engineering tasks. It functions as a workflow orchestrator that maps natural language intent to repeatable technical sequences and verification checklists. The project distinguishes itself through the use of specialized markdown-defined roles, such as security auditors or test engineers, to apply targeted domain expertise. It employs an evidence-based verification model that requires runtime data or passing tests as mandatory exit criteria to ensure AI-generated code meets production standards. The system covers a broad range of engineering capabilities, including technical specification automation, multi-axis code reviews, and test-driven development. It also provides frameworks for context management, security auditing, and the orchestration of parallel agent tasks to synthesize findings into consolidated reports. These skills are implemented as standardized instructions and commands that can be loaded into an agent via auto-discovery or explicit installation. - [redis-windows/redis-windows](https://awesome-repositories.com/repository/redis-windows-redis-windows.md) (3,485 ⭐) — This project is a native Windows port of the Redis in-memory key-value store. It provides a high-speed database that maintains datasets in RAM while using periodic snapshots to disk for data persistence. The implementation includes a background system service wrapper, allowing the data store to be installed as a Windows service that starts automatically upon computer boot. It utilizes native Windows compilation to enable execution directly on the host operating system. The system covers in-memory data caching and local data persistence, ensuring that information is recovered after a process restart or system stop. It also handles operating system specific path resolution for storing data snapshots in valid local folders. - [chatwoot/chatwoot](https://awesome-repositories.com/repository/chatwoot-chatwoot.md) (31,959 ⭐) — Chatwoot is a self-hosted, omnichannel customer support platform designed to aggregate messages from diverse social and digital channels into a single, collaborative team inbox. It provides organizations with full data ownership and control over their support infrastructure, ensuring strict logical separation of customer data through multi-tenant architecture. By centralizing communication, the platform enables teams to manage, route, and resolve inquiries within a unified workspace that maintains complete interaction history for every contact. The platform distinguishes itself through an event-driven automation engine and a visual rule builder that allow teams to manage conversations and workflows without writing custom code. It incorporates intelligent features such as automated response drafting, conversation context recall, and a self-service knowledge base to improve agent efficiency. These capabilities are supported by granular role-based access controls and comprehensive performance analytics, which provide insights into agent productivity, inbox activity, and customer satisfaction trends. Beyond its core messaging and routing functions, the system offers a broad suite of operational tools including proactive engagement triggers, team workload balancing, and multilingual support. It supports flexible deployment strategies, including containerized and cloud-native orchestration, to accommodate various production environments. The platform is designed for extensibility, allowing for custom attribute management and integration with external systems via webhooks and API-based channels. - [fevar54/cve-2026-20245---cisco-sd-wan-privilege-escalation-exploit](https://awesome-repositories.com/repository/fevar54-cve-2026-20245-cisco-sd-wan-privilege-escalation-exploit.md) (0 ⭐) - [gtfobins/gtfobins.github.io](https://awesome-repositories.com/repository/gtfobins-gtfobins-github-io.md) (12,669 ⭐) — GTFOBins is a curated knowledge base documenting security-related techniques for Unix-based system binaries. It serves as a reference for offensive security research, detailing how standard, pre-installed system utilities can be repurposed to facilitate privilege escalation, restricted environment escapes, and post-exploitation workflows. The project distinguishes itself by cataloging insecure execution paths and misconfigured permissions inherent in common system tools. By identifying legitimate binary functions that can be leveraged to bypass security controls, the repository provides a structured index for auditing local system security and understanding methods for maintaining control during security assessments. The platform is built as a static site that separates technical content from its visual presentation. It utilizes a standardized data schema to store binary specifications, which are processed through a template-driven build system to generate the final documentation. A pre-computed index enables client-side search functionality, allowing users to filter and locate specific binary techniques directly within the browser without a backend database. - [bazelbuild/bazel](https://awesome-repositories.com/repository/bazelbuild-bazel.md) (25,529 ⭐) — Bazel is a multi-language build automation engine designed to manage complex dependency graphs and execute compilation tasks for massive codebases. It functions as a hermetic build environment, utilizing sandboxed execution and content-addressable caching to ensure that build artifacts are reproducible and that identical tasks are never re-executed. By modeling dependencies as a directed acyclic graph, the system determines optimal execution order and identifies tasks that can run in parallel. The project distinguishes itself through its support for distributed build execution, allowing resource-intensive compilation and testing to be offloaded to remote computing clusters. It further optimizes development cycles by employing persistent worker processes that keep tools loaded in memory, eliminating the overhead of repeated initialization. Users can inspect and analyze project structures through a specialized query language, which provides deep visibility into dependency relationships and metadata. Beyond its core execution model, the system provides comprehensive tools for managing external dependencies across diverse programming languages and maintaining build pipeline observability. It offers granular control over build semantics, execution strategies, and test environments, enabling teams to scale their development workflows while maintaining consistent performance. The project includes extensive command-line documentation and configuration references to assist in managing build tasks and verifying project states. - [linux-surface/linux-surface](https://awesome-repositories.com/repository/linux-surface-linux-surface.md) (7,413 ⭐) — This project provides a customized Linux kernel and driver suite designed to enable hardware compatibility for Surface devices. It focuses on building and patching the Linux kernel to provide driver support for proprietary hardware components that are missing from the upstream source. The system includes a secure boot kernel signing mechanism and a process for enrolling custom keys into the system firmware. This allows the execution of patched kernels while maintaining system security protections. The project covers peripheral driver support for touchscreens, styluses, and keyboards, as well as input management for multitouch and gestures. It also includes power and performance utilities for battery telemetry monitoring, discrete GPU power management, and system sleep state control. Additional capabilities include pre-boot input support to enable keyboards during disk decryption and a coordination system for clipboard detachment. - [gentilkiwi/mimikatz](https://awesome-repositories.com/repository/gentilkiwi-mimikatz.md) (21,630 ⭐) — Mimikatz is a security research suite designed for auditing Windows authentication and managing system security configurations. It provides a comprehensive framework for extracting sensitive credentials, manipulating process privileges, and managing digital identity assets directly from system memory or offline memory dumps. The project distinguishes itself through advanced system-level exploitation techniques, including runtime process injection, API hooking, and the ability to bypass cryptographic export restrictions. It features a specialized toolkit for Kerberos protocol operations, allowing for the inspection, forgery, and injection of authentication tickets to evaluate network identity security. Additionally, it supports the extraction of authentication secrets from the Local Security Authority and the local security account database. Beyond its core auditing capabilities, the suite includes utilities for managing system services, digital certificates, and cryptographic providers. It offers functionality for privilege escalation, user session impersonation, and the synchronization of data from domain controllers. The tool also provides observability features such as session logging, output encoding, and network route monitoring to assist in the analysis of administrative and security-related actions. - [flameshot-org/flameshot](https://awesome-repositories.com/repository/flameshot-org-flameshot.md) (30,209 ⭐) — This project is a desktop screen capture and annotation utility designed for Linux environments. It provides an interactive graphical overlay that allows users to select specific screen regions, apply visual annotations such as shapes, text, and pixelation, and manage the resulting images through a configurable post-capture pipeline. The application distinguishes itself through deep system integration and automation capabilities. It operates as a persistent background daemon that monitors global hotkeys and supports inter-process communication via a system message bus, enabling users to trigger captures or manage workflows programmatically through terminal commands and external scripts. This architecture allows the tool to replace default system screenshot utilities while maintaining a consistent state through local configuration files. Beyond core capture and editing, the software includes extensive support for workflow customization and content distribution. Users can define custom keyboard shortcuts, adjust interface themes, and automate tasks such as saving files to disk, copying to the clipboard, or uploading images directly to remote hosting services. The tool also provides mechanisms for redacting sensitive information from captures before they are shared or stored. The software is distributed through standard system package managers, with options to retrieve pre-compiled builds for testing new features. It requires appropriate system permissions to access screen content and integrate with the desktop environment. - [rikkaapps/shizuku](https://awesome-repositories.com/repository/rikkaapps-shizuku.md) (26,413 ⭐) — Shizuku is a framework that enables standard mobile applications to interact with restricted system-level interfaces and services. By acting as a bridge between the user space and protected system functions, it allows applications to perform privileged operations that are typically inaccessible due to standard operating system sandbox limitations. The project functions by routing requests through a persistent background service, which facilitates communication with internal system services and remote interfaces. This architecture allows for the execution of system-level tasks and the management of application permissions without requiring full root access on the device. It achieves this by leveraging existing developer debugging interfaces to inject necessary privileges during the initial runtime handshake. The framework provides a comprehensive set of tools for managing system access, including the ability to intercept and redirect calls to internal interfaces and verify the current execution environment. It supports the development of specialized utilities that require elevated capabilities to function, effectively extending the reach of standard applications while maintaining a structured approach to system-level authorization. - [lkl/linux](https://awesome-repositories.com/repository/lkl-linux.md) (905 ⭐) — Linux kernel source tree - [samratashok/nishang](https://awesome-repositories.com/repository/samratashok-nishang.md) (9,951 ⭐) — Nishang is a PowerShell-based offensive security framework designed for red teaming and penetration testing on Windows targets. It functions as a post-exploitation toolkit and payload generator to automate attacks and manage remote targets. The project provides specialized capabilities for bypassing security controls, such as disabling the Antimalware Scan Interface and employing in-memory execution to avoid disk-based detection. It includes a variety of stealthy command and control mechanisms, utilizing non-standard channels like DNS TXT records, ICMP traffic, and webmail for communication and data exfiltration. The framework covers a broad surface of offensive operations, including privilege escalation through token manipulation, credential harvesting from memory and registry hives, and the generation of weaponized documents. It also facilitates lateral movement via network pivoting, man-in-the-middle traffic interception, and the establishment of persistent backdoors. The toolset is implemented primarily in PowerShell. - [thejh/linux](https://awesome-repositories.com/repository/thejh-linux.md) (18 ⭐) — Linux kernel source tree - [davila7/claude-code-templates](https://awesome-repositories.com/repository/davila7-claude-code-templates.md) (20,933 ⭐) — Claude Code Templates is a comprehensive framework for orchestrating specialized AI agents and automating development workflows within local environments. It provides a structured system for defining, configuring, and deploying AI personas that handle specific technical tasks, ranging from backend architecture and frontend implementation to security auditing and infrastructure management. The project distinguishes itself through a configuration-driven approach that allows teams to standardize development environments and share reusable agent definitions across projects. It includes a robust CLI toolkit for managing the entire agent lifecycle, from discovery and installation to execution and performance monitoring. By utilizing standardized protocols and modular function definitions, it enables seamless integration of external services and local tools into the assistant's capabilities. Beyond core agent management, the platform offers extensive support for workflow automation, including event-driven hooks, custom slash commands, and automated testing pipelines. It incorporates security-focused features such as granular permission enforcement, sandbox execution environments, and automated secret scanning to ensure safe operation. The system also provides observability tools, including real-time dashboards for tracking agent performance, token usage, and conversation history. - [mgedmin/check-manifest](https://awesome-repositories.com/repository/mgedmin-check-manifest.md) (0 ⭐) — check-manifest - [dotnet/core](https://awesome-repositories.com/repository/dotnet-core.md) (21,897 ⭐) — This project is a cross-platform development framework and managed runtime environment designed for building high-performance applications. It provides a comprehensive toolkit for constructing web services, cloud-native microservices, and desktop applications, utilizing a unified runtime that handles memory management and execution across diverse operating systems. The framework distinguishes itself through a native ahead-of-time compilation toolchain that transforms source code into optimized, self-contained machine code binaries. This capability enables fast startup times and reduced memory footprints, while the built-in dependency injection container and layered configuration system provide a structured approach to managing application lifecycles, service lifetimes, and complex configuration data. Beyond its core execution model, the project includes extensive support for observability, data persistence, and background task orchestration. It offers standardized libraries for networking, cryptography, and serialization, alongside tools for containerization and the modernization of legacy codebases. Developers can leverage these features to build intelligent, data-driven applications that integrate with modern AI services and distributed systems. The project provides command-line tools for managing development environments, SDK versions, and build workflows, with documentation and installation scripts available to support setup across various host environments. - [swisskyrepo/payloadsallthethings](https://awesome-repositories.com/repository/swisskyrepo-payloadsallthethings.md) (78,434 ⭐) — This project is a comprehensive, community-sourced knowledge base designed for security professionals and researchers. It functions as a centralized repository of offensive security techniques, providing a structured collection of exploit payloads, attack vectors, and methodologies for conducting vulnerability assessments and penetration testing. The repository distinguishes itself through a cross-platform payload taxonomy that categorizes exploitation methods by vulnerability type and target environment, enabling rapid lookup during security assessments. It maintains high standards of data integrity and collaborative growth by utilizing version-controlled knowledge management and template-driven content generation, ensuring that the research remains current and consistent across a wide range of technical domains. The project covers a broad capability surface, including detailed references for web application security, database injection, insecure deserialization, and AI model security testing. It also aggregates external resources, such as research papers and third-party tools, to provide a holistic view of modern threat analysis and defensive research. The documentation is organized as a hierarchical tree of markdown files, designed for easy navigation and reference during active security engagements. - [mikeroyal/windows-11-guide](https://awesome-repositories.com/repository/mikeroyal-windows-11-guide.md) (1,756 ⭐) — Windows 10/11 Guide. Including Windows Security tools, Encryption, Nextcloud, Graphics, Gaming, Virtualization, Windows Subsystem for Linux (WSL 2), Software Apps, and Resources. - [duckdb/duckdb](https://awesome-repositories.com/repository/duckdb-duckdb.md) (38,805 ⭐) — DuckDB is an in-process analytical database engine designed to run directly within an application process. As a zero-dependency, embedded system, it provides enterprise-grade SQL data processing capabilities without the overhead of managing a dedicated database server. It is built to handle complex analytical and aggregation tasks by storing and retrieving information in columns, allowing for high-performance relational data manipulation. The engine distinguishes itself through a columnar vectorized execution model that maximizes CPU cache efficiency during query operations. It employs adaptive query optimization to dynamically select execution plans at runtime and utilizes zero-copy ingestion to map external data formats directly into memory. To facilitate integration with analytical programming environments, the system supports high-performance data exchange through standardized memory formats and provides specialized connectors for Python, R, and Java. The project covers a broad capability surface, including advanced relational join operations, incremental result streaming for large datasets, and flexible data ingestion from various file formats. It supports complex data types and provides a comprehensive command-line interface for interactive session management and batch processing. The codebase is designed for portability, offering single-file amalgamation to simplify integration into external projects and build systems. - [dafthack/cloudpentestcheatsheets](https://awesome-repositories.com/repository/dafthack-cloudpentestcheatsheets.md) (2,802 ⭐) — CloudPentestCheatsheets is a knowledge base and curated set of technical instructions for executing penetration tests on cloud-native architecture. It serves as a security audit guide and cheat sheet for auditing security and identifying misconfigurations across major cloud environments. The project provides structured materials for performing cloud penetration testing, security auditing, and asset enumeration. These resources are organized to support multi-cloud security assessments through the evaluation of offensive security postures across various cloud service providers. The technical guidance is delivered via modular provider segmentation and a checklist-driven workflow. It utilizes curated command libraries and a markdown-based flat-file organization to store instructional content and provider-specific commands.