.png)
PurplePanda is a tool that fetches resources from different cloud/saas applications focusing on permissions in order to identify privilege escalation paths and dangerous permissions in the cloud/saas configurations. Note that PurplePanda searches both privileges escalation paths within a platform and across platforms. The name comes from the animal Red Panda. This panda eats peas, just like Purple Panda, which …
Tag Archives: Privilege Escalation
BloodyAD : An Active Directory Privilege Escalation Framework
BloodyAD is an Active Directory Privilege Escalation Framework, it can be used manually using bloodyAD.py or automatically by combining pathgen.py and autobloody.py. This framework supports NTLM (with password or NTLM hashes) and Kerberos authentication and binds to LDAP/LDAPS/SAMR services of a domain controller to obtain AD privesc. It is designed to be used transparently with a SOCKS proxy. bloodyAD Description …
Continue reading “BloodyAD : An Active Directory Privilege Escalation Framework”
PEASS-ng : Privilege Escalation Awesome Scripts SUITE new generation
PEASS-ng is a Privilege Escalation Awesome Scripts SUITE new generation. Here you will find privilege escalation tools for Windows and Linux/Unix* and MacOS. These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so you can recognize the misconfigurations easily. Check the Local Windows Privilege Escalation checklist from book.hacktricks.xyz WinPEAS – Windows local …
Continue reading “PEASS-ng : Privilege Escalation Awesome Scripts SUITE new generation”
DazzleUP : A Tool That Detects The Privilege Escalation Vulnerabilities
DazzleUP is a tool that detects the privilege escalation vulnerabilities caused by misconfigurations and missing updates in the Windows operating systems. dazzleUP detects the following vulnerabilities. Exploit Checks The first feature of dazzleUP is that it uses Windows Update Agent API instead of WMI (like others) when finding missing patches. dazzleUP checks the following vulnerabilities. …
Continue reading “DazzleUP : A Tool That Detects The Privilege Escalation Vulnerabilities”
PrivescCheck : Privilege Escalation Enumeration Script for Windows
PrivescCheck script aims to enumerate common Windows security misconfigurations which can be leveraged for privilege escalation and gather various information which might be useful for exploitation and/or post-exploitation. I built on the amazing work done by @harmj0y and @mattifestation in PowerUp. I added more checks and also tried to reduce the amount of false positives. …
Continue reading “PrivescCheck : Privilege Escalation Enumeration Script for Windows”
WinPwnage – Elevate, UAC Bypass, Privilege Escalation, dll Hijack Techniques
WinPwnage meaning is to study the techniques. Techniques are found online, on different blogs and repos here on GitHub. I do not take credit for any of the findings, thanks to all the researchers. Rewrote them and ported it to Python 2.7. The code under todo folders are not tested, do not expect it to …
Continue reading “WinPwnage – Elevate, UAC Bypass, Privilege Escalation, dll Hijack Techniques”