# peass-ng/PEASS-ng

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/peass-ng-peass-ng).**

19,337 stars · 3,344 forks · C# · other

## Links

- GitHub: https://github.com/peass-ng/PEASS-ng
- Homepage: https://book.hacktricks.xyz
- awesome-repositories: https://awesome-repositories.com/repository/peass-ng-peass-ng.md

## Topics

`bash` `batch` `batch-script` `color` `csharp` `enumeration` `exe` `linpe` `linpeas` `linux` `one-liner` `oneliner` `peas` `privesc` `script` `shell` `unix` `windows` `winpeas`

## Description

PEASS-ng is an automated penetration testing framework designed to identify privilege escalation vectors on local systems. It functions as a security assessment utility that scans environments for misconfigurations, sensitive files, and insecure permissions to uncover paths for unauthorized privilege elevation.

The project distinguishes itself through a modular script-based enumeration engine that adapts to the target environment. It utilizes environment-aware capability detection and cross-platform shell abstraction to normalize data collection across diverse operating systems, while operating primarily within volatile memory to minimize its forensic footprint.

The framework covers a broad range of post-exploitation assessment tasks, including automated security auditing for both Linux and Windows environments. It employs pattern-matching heuristic analysis to systematically query system configurations and identify security gaps during authorized security assessments.

## Tags

### Security & Cryptography

- [Privilege Escalation Tools](https://awesome-repositories.com/f/security-cryptography/privilege-escalation-tools.md) — Scans systems for misconfigurations and insecure permissions to identify paths for unauthorized privilege elevation. ([source](https://book.hacktricks.xyz))
- [Penetration Testing Suites](https://awesome-repositories.com/f/security-cryptography/security/utilities/security-tools/offensive-red-team/offensive-security-frameworks/penetration-testing-suites.md) — Provides a suite of tools for security professionals to discover and exploit system weaknesses during penetration tests.
- [Linux Enumeration](https://awesome-repositories.com/f/security-cryptography/privilege-escalation-tools/linux-enumeration.md) — Identifies misconfigurations and insecure permissions on Linux systems to facilitate privilege escalation.
- [Windows Enumeration](https://awesome-repositories.com/f/security-cryptography/privilege-escalation-tools/windows-enumeration.md) — Scans Windows environments for weak configurations and sensitive data to discover paths for privilege elevation.
- [Security Testing and Auditing](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing.md) — Automates comprehensive system checks to uncover vulnerabilities and security gaps across diverse environments.
- [Post-Exploitation Tools](https://awesome-repositories.com/f/security-cryptography/security/utilities/security-tools/offensive-red-team/offensive-security-frameworks/post-exploitation-tools.md) — Analyzes compromised systems to identify further escalation vectors and expand control after initial access.
- [Memory-Only Execution](https://awesome-repositories.com/f/security-cryptography/volatile-memory-processing/memory-only-execution.md) — Operates primarily within volatile memory to avoid leaving permanent traces on the target system.

### Development Tools & Productivity

- [Script Execution Engines](https://awesome-repositories.com/f/development-tools-productivity/script-execution-engines.md) — Provides an execution environment for modular shell scripts to systematically query system configurations.

### Software Engineering & Architecture

- [Plugin-Based Architectures](https://awesome-repositories.com/f/software-engineering-architecture/software-architecture/architectural-patterns/plugin-module-systems/modular-plugin-architectures/plugin-based-architectures.md) — Organizes security checks into independent, loadable modules to allow selective execution based on target requirements.