performing-privilege-escalation-assessment

Featured

Performs privilege escalation assessments on compromised Linux and Windows systems to identify paths from low-privilege access to root or SYSTEM-level control. The tester enumerates misconfigurations, vulnerable services, kernel exploits, SUID binaries, unquoted service paths, and credential stores to demonstrate the full impact of an initial compromise. Activates for requests involving privilege escalation testing, local exploitation, post-compromise escalation, or OS-level security assessment.

AI & Automation 12,642 stars 1468 forks Updated today Apache-2.0

Quality Score: 99/100

Stars (20%): 100
Recency (20%): 100
Frontmatter (20%): 70
Documentation (15%): 100
Issue Health (10%): 50
License (10%): 100
Description (5%): 100

Skill Content

# Performing Privilege Escalation Assessment

## When to Use

- After gaining initial low-privilege access during a penetration test to demonstrate full system compromise
- Assessing the security hardening of Linux and Windows servers against local privilege escalation attacks
- Evaluating whether endpoint detection and response (EDR) tools detect common privilege escalation techniques
- Testing the effectiveness of least-privilege policies and application whitelisting on endpoints
- Validating that container breakout and VM escape controls are properly configured

**Do not use** without written authorization, against production systems where exploitation could cause downtime, or for deploying kernel exploits on systems without prior approval and rollback capability.

## Prerequisites

- Low-privilege shell access (reverse shell, SSH, RDP) to the target system obtained through authorized means
- Privilege escalation enumeration scripts: linPEAS (Linux), winPEAS (Windows), Linux Smart Enumeration (LSE)
- Compiled kernel exploits for common CVEs or access to compilation tools on the target
- GTFOBins reference for Linux SUID/sudo binary abuse and LOLBAS reference for Windows living-off-the-land binaries
- Precompiled post-exploitation binaries for the target architecture if compilation is not available on the target

## Workflow

### Step 1: System Enumeration

Gather comprehensive information about the target system:

**Linux Enumeration:**

- `id && whoami` - Current user and ...

Details

Author: mukul975
Repository: mukul975/Anthropic-Cybersecurity-Skills
Created: 3 months ago
Last Updated: today
Language: Python
License: Apache-2.0

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

linux-privilege-escalation

Execute systematic privilege escalation assessments on Linux systems to identify and exploit misconfigurations, vulnerable services, and security weaknesses that allow elevation from low-privilege user access to root-level control.

39,227 Updated today
sickn33
AI & Automation Listed

linux_privilege_escalation

Execute systematic privilege escalation assessments on Linux systems to identify and exploit misconfigurations, vulnerable services, and security weaknesses that allow elevation from low-privilege user access to root-level control.

5 Updated 1 month ago
LongLeo287
AI & Automation Featured

performing-privilege-escalation-on-linux

Linux privilege escalation involves elevating from a low-privilege user account to root access on a compromised system. Red teams exploit misconfigurations, vulnerable services, kernel exploits, and w

12,642 Updated today
mukul975
AI & Automation Solid

linux-privilege-escalation

This skill should be used when the user asks to "escalate privileges on Linux", "find privesc vectors on Linux systems", "exploit sudo misconfigurations", "abuse SUID binaries", "exploit cron jobs for root access", "enumerate Linux systems for privilege escalation", or "gain root access from low-privilege shell". It provides comprehensive techniques for identifying and exploiting privilege escalation paths on Linux systems.

4,215 Updated today
zebbern
Web & Frontend Solid

linux-privilege-escalation

This skill should be used when the user asks to "escalate privileges on Linux", "find privesc vectors on Linux systems", "exploit sudo misconfigurations", "abuse SUID binaries", "exploit cron jobs for root access", "enumerate Linux systems for privilege escalation", or "gain root access from low-privilege shell". It provides comprehensive techniques for identifying and exploiting privilege escalation paths on Linux systems.

27,681 Updated today
davila7