30 open-source projects similar to secwiki/linux-kernel-exploits, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Linux Kernel Exploits alternative.
windows-kernel-exploits: a collection of Windows privilege escalation vulnerabilities
A collection of awesome penetration testing resources, tools and other shiny things
A list of public penetration test reports published by several consulting firms and academic security groups.
SecLists is a centralized library of security assessment data designed to support vulnerability discovery and penetration testing. It functions as a comprehensive repository of wordlists, payloads, and testing methodologies used to audit software, firmware, and internet-connected hardware for technical vulnerabilities. The project distinguishes itself through a standardized taxonomy and a language-agnostic data format, which allows security tools to predictably ingest and utilize its assets regardless of the underlying programming environment. By decoupling raw testing data from execution log
This project is a comprehensive, community-sourced knowledge base designed for security professionals and researchers. It functions as a centralized repository of offensive security techniques, providing a structured collection of exploit payloads, attack vectors, and methodologies for conducting vulnerability assessments and penetration testing. The repository distinguishes itself through a cross-platform payload taxonomy that categorizes exploitation methods by vulnerability type and target environment, enabling rapid lookup during security assessments. It maintains high standards of data i
dirtyfrag is a proof-of-concept exploit for Linux kernel privilege escalation. It targets page-cache write vulnerabilities to elevate user permissions to administrative root levels. The project demonstrates a deterministic exploit chain that utilizes functional proofs-of-concept for vulnerabilities in the xfrm-ESP protocol implementation and the RxRPC mechanism. By chaining these memory corruption vulnerabilities, the exploit achieves root access without relying on timing-based race conditions. The tool covers kernel memory manipulation and the development of exploit chains to test local pri
CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation
The exploit is tested on the official Ubuntu 22.04 kernel source, version 5.15.0-25.25
LinEnum is a suite of security utilities for auditing Linux systems, scanning for privilege escalation paths, and enumerating local vulnerabilities. It functions as a system security audit tool, a local enumeration utility, and a scanner for identifying misconfigurations that could allow a user to gain root access. The project includes specialized auditing for containerized environments, specifically detecting Docker and LXC signatures to identify potential escape vectors to the host system. Its broader capabilities cover the analysis of kernel versions, the identification of SUID binaries a
A tool that detects privilege escalation vulnerabilities caused by misconfigurations and missing updates in Windows operating systems. dazzleUP detects the following vulnerabilities.
Simple wrapper around some of the features of Rubeus and KrbRelay (and a few other honorable mentions in the acknowledgements section) in order to streamline the abuse of the following attack primitive:
This project is a set of specialized utilities for Windows vulnerability assessment and patch management auditing. It functions as a vulnerability scanner and exploit suggester that analyzes installed updates to identify missing security patches and their corresponding known vulnerabilities. The system distinguishes itself by matching missing updates against a consolidated vulnerability database to recommend specific publicly available exploits. It maintains accuracy by synchronizing remote security bulletins into a local database and cross-referencing identified gaps against official update
Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.
UACME is a set of specialized tools designed to audit security configurations, escalate user privileges, and circumvent access control restrictions on Windows systems. It functions as a utility for executing commands with elevated privileges by bypassing User Account Control restrictions. The project includes a configuration auditor used to extract and analyze system settings to identify security misconfigurations and vulnerabilities. It provides a collection of techniques for gaining administrative rights on a host. The toolset covers a wide range of privilege escalation and security auditi
PEASS-ng is a Linux privilege escalation scanner and post-exploitation enumeration tool. It identifies security vulnerabilities and misconfigurations on Linux systems that could lead to unauthorized elevated access. The tool functions as a security audit utility that discovers system weaknesses and sensitive information after initial access is gained. It scans operating systems to identify specific privilege escalation paths. Findings are converted into structured security audit reports. The tool supports exporting scan results into JSON, HTML, and PDF formats for formal analysis and documen
Linux, macOS and Windows kernel privilege escalation vulnerability collection, with compilation environment, demo GIF, vulnerability details, executable file (privilege escalation vulnerability collection)
Another Windows Local Privilege Escalation from Service Account to System
linux-exploit-suggester is a diagnostic utility and vulnerability scanner designed to identify potential kernel exploits on Linux systems. It functions as a privilege escalation auditor by matching system information and kernel versions against a database of known security flaws. The tool differentiates itself by filtering and ranking exploits based on specific system properties and runtime security configurations. It evaluates kernel hardening settings, such as memory protection mechanisms, to discard inapplicable exploits and prioritize candidates by their probability of success. The softw
SweetPotato by @EthicalChaos Orignal RottenPotato code and exploit by @foxglovesec Weaponized JuciyPotato by @decoder_it and @Guitro along with BITS WinRM discovery PrintSpoofer discovery and original exploit by @itm4n EfsRpc built on EfsPotato by @zcgonvh and PetitPotam by @topotam -c,…
Next-Generation Linux Kernel Exploit Suggester