PEASS-ng is a Linux privilege escalation scanner and post-exploitation enumeration tool. It identifies security vulnerabilities and misconfigurations on Linux systems that could lead to unauthorized elevated access. The tool functions as a security audit utility that discovers system weaknesses and sensitive information after initial access is gained. It scans operating systems to identify specific privilege escalation paths. Findings are converted into structured security audit reports. The tool supports exporting scan results into JSON, HTML, and PDF formats for formal analysis and documen
Seatbelt is a C# offensive security framework and host security auditor designed to perform endpoint surveys on Windows systems. It functions as a modular tool for identifying vulnerabilities, misconfigurations, and security-relevant artifacts on both local and remote hosts. The project distinguishes itself through a module-based check system that allows for the integration of custom security command units. It features a security event log parser to track logon and process activity, alongside a credential extraction utility for gathering browser history, saved passwords, and cloud credentials
This project is a security auditing tool and vulnerability scanner designed to evaluate the security posture of Linux hosts. It functions as a privilege escalation auditor that scans running kernels for missing security patches and vulnerabilities to identify potential paths for gaining root access. The utility performs kernel security analysis by matching system version strings against a database of known exploits. It audits kernel hardening settings and evaluates system exposure to categorize the probability of successful privilege escalation attacks. The tool covers a broad range of asses
LinEnum is a suite of security utilities for auditing Linux systems, scanning for privilege escalation paths, and enumerating local vulnerabilities. It functions as a system security audit tool, a local enumeration utility, and a scanner for identifying misconfigurations that could allow a user to gain root access. The project includes specialized auditing for containerized environments, specifically detecting Docker and LXC signatures to identify potential escape vectors to the host system. Its broader capabilities cover the analysis of kernel versions, the identification of SUID binaries a