~/hackyfeed
> cat /dev/github | grep security-tools
discovered 30 Mar 2026

Privilege-Escalation

★ 3576 via github-topic
→ View on GitHub

AI Summary: Privilege Escalation is a comprehensive cheat sheet and reference guide tailored for penetration testers, CTF participants, and cybersecurity students, focusing on methods to escalate privileges in compromised systems. This tool includes a wealth of exploitation techniques, such as abusing sudo rights, exploiting SUID bits, and identifying vulnerable Docker instances, alongside detailed enumeration and exploitation methods. Notable features include practical examples, links to external resources, and an organized structure for efficient referencing in both educational and professional penetration testing scenarios.

README

⬆️ Privilege Escalation for Pentesters

A practical Privilege Escalation cheat sheet and reference guide designed for CTF players, penetration testers, and cybersecurity learners to understand how attackers escalate privileges on compromised systems

🌐 Connect With Us

🔵 Telegram – Join Channel
Twitter/X – Follow Us
🟣 Discord – Join Server
💼 LinkedIn – Follow HackingArticles

🎓 Training Program

🚀 Join Our Cybersecurity Training Program

Hands-on training in Penetration Testing, Red Teaming, and Cybersecurity.

Table of Contents

Abusing Sudo Rights

No.Machine NameFiles/Binaries
1.Ted:1apt-get
2.KFIOFan : 1awk
3.21 LTR: Scene1cat
4.Skytowercat
5.Matrix : 1cp
6.Sputnik 1ed
7.Sunseted
8.DC-2git
9.Kioptrix : Level 1.2ht
10.Matrix-3manual
11.symfonos : 2MySQL
12.Developmentnano
13.SP ikenmap
14.DC6nmap
15.Dinaperl
16.Wakanda : 1pip
17.Violatorproftpd
18.Broken: Galleryreboot/timedatectl
19.DE-ICE:S1.120script
20.Fristileaksscript
21.DerpNStinkscript
22.Digitalworld.local : JOYscript
23.PumpkinFestivalscript
24.The Ether: Evil Sciencescript
25.HA:Rudrascript
26.djinn:1script
27.UA: Literally Vulnerablescript
28.PumpkinRaisingstrace
29.Unknowndevice64 : 1strace
30.Holynix: v1tar
31.Breach 2.1tcpdump
32.Temple of Doomtcpdump
33.Web Developer : 1tcpdump
34.DC-4teehee
35.Serial: 1vim
36.Zico 2zip
37.HA: Dhanushzip
38.Sunset: Nightfallcat
39.HA: Infinity Stonesftp
40.Sunset-Sunrisewine
41.Me and My Girlfreind:1php
42.Symfonos:5dpkg
43.Five86:2service
44.Tempus Fugit:1Diffrent for every user
45.DevRandom CTF:1.1dpkg
46.Zion: 1.1cp
47.Seppuku:1script
48.GitRoot: 1git
49.Tre:1shutdown
50.BlackRose: 1script
51.So Simple:1script
52.CryptoBank:1All
53.Star Wars:1All
54.Mercuryscript
55.Durian:1script
56.nyx:1gcc
57.Relevant:1node
58.Maskcrafter:1.1dpkg
59.Hogwarts:Bellatrixvim

SUID Bit

No.Machine NameSUID Bit
1.Kevgircp
2.digitalworld.local - BRAVERYcp
3.Happycorp : 1cp
4.FourAndSix : 2doas
5.DC-1find
6.dpwwn:2find
7.MinU: v2Micro Editor
8.Toppo:1python 2.7/mawk
9.Mr. Robotnmap
10.Covfefescript
11./dev/random : K2script
12.hackme1script
13.Sunset: dawnzsh
14.HA: Wordycp
15.bossplayersCTF 1find
16.In Plain Sight:1script
17.Five86:1script
18.Geisha:1base32
19.Victim:1nohup
20.eLection: 1script
21.Photographer 1php7.2
22.DMV :1script
23.ShellDredd #1 Hannahcpulimit
24.KB-Vuln:3systemctl
25.Cybox:1register

Kernel Exploit

No.Machine NameKernelExploit
1.pWnOS -1.0Linux Kernel 2.6.17 < 2.6.24.15092
2.LAMPSecurity: CTF 5Linux Kernel 2.4/2.69479
3.Kioptrix : Level 1.1CentOS 4.4/4.5 / Fedora Core 4/5/6 x86)9542
4.Hackademic-RTB1RDS Protocol’ Local Privilege Escalation15285
5.Hackademic-RTB2RDS Protocol’ Local Privilege Escalation15285
6.ch4inrulz : 1.0.1RDS Protocol’ Local Privilege Escalation15285
7.Kioprtix: 5FreeBSD 9.0 - Intel SYSRET Kernel Privilege Escalation28718
8.SimpleApport/Abrt (Ubuntu / Fedora)36746
9.SecOS: 1Ubuntu 12.04/14.04/14.10/15.0437292
10.DroopyUbuntu 12.04/14.04/14.10/15.0437292
11.VulnOS: 2.0Ubuntu 12.04/14.04/14.10/15.0437292
12.FartknockerUbuntu 12.04/14.04/14.10/15.0437292
13.Super MarioUbuntu 12.04/14.04/14.10/15.0437292
14.Golden Eye:1Ubuntu 12.04/14.04/14.10/15.0437292
15.Typhoon : 1.02Ubuntu 12.04/14.04/14.10/15.0437292
16.GrimTheRipper:1Ubuntu 12.04/14.04/14.10/15.0437292
17.6daysUbuntu 12.04/14.04/14.10/15.0437292
18.Lord of the RootUbuntu 14.04/15.1039166
19.Acid ReloadedUbuntu 14.04/15.1039166
20.StaplerUbuntu 16.0439772
21.SidneyUbuntu 16.0439772
22.DC-3Ubuntu 16.0439772
23.PluckDirty COW40616
24.Lampiao : 1Dirty COW /proc/self/mem’ Race Condition40847
25.WinterMute : 1GNU Screen 4.5.041154
26.DC-5GNU Screen 4.5.041154
27.BTRSys:dv 2.1Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free41458
28.NightmareUbuntu 14.04/16.04 (KASLR / SMEP)43418
29.TrollcaveLinux Kernel < 4.4.0-116 (Ubuntu 16.04.4)44298
30.Prime: 1Linux Kernel < 4.4.0-116 (Ubuntu 16.04.4)44298
31.LAMPSecurity: CTF6Linux Kernel 2.68478
32.My File Server:1Dirty COW40616
33.VulnUni 1.0.1GUnet OpenEclass E-learning platform 1.7.348106
34.Sumo: 1Dirty COW40839
35.CyberSploit: 1Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - ‘overlayfs’37292
36.Loly: 1Linux Kernel < 4.13.9 (Ubuntu 16.04 / Fedora 27)45010
37.Tomato: 1Linux Kernel < 4.13.9 (Ubuntu 16.04 / Fedora 27)45010

Path Variable

No.Path VariableFiles
1.PwnLabcat
2.USVcat
3.Zeus:1date
4.The Gemini incdate
5.EW-Skuzzyid
6.Nullbyteps
7.symfonos : 1curl
8.Silky-CTF: 0x01whoami
9.Beast 2whoami
10.HA:Arsenal Avengersifconfig
11.Inclusiveness:1whoami
12.MuzzyBox:1ls
13.TBBT:2sl
14.Sunset: Midnightservice
15.Healthcare:1fdisk

Enumeration

No.Machine Name
1.The Library:1
2.The Library:2
3.LAMPSecurity: CTF 4
4.LAMPSecurity: CTF 7
5.Xerxes: 1
6.pWnOS -2.0
7.DE-ICE:S1.130
9.Tommyboy
10.VulnOS: 1
11.Spyder Sec
12.Acid
13.Necromancer
14.Freshly
15.Fortress
16.Billu : B0x
17.Defence Space
18.Moria 1.1
19.Analougepond
20.Lazysysadmin
21.Bulldog
22.BTRSys 1
23.G0rmint
24.Blacklight : 1
25.The blackmarket
26.Matrix 2
27.Basic Pentesting : 2
28.Depth
29.Bob: 1.0.1
30.W34kn3ss 1
31.Replay: 1
32.Born2Root: 2
33.CLAMP 1.0.1
34.WestWild: 1.1
35.64base
36.C0m80
37.Gibson
38.Quaoar
39.Hacker Fest: 2019
40.EVM: 1
41.EnuBox:Mattermost
42.2much:1
43.mhz_cxf:c1f
44.HA: Pandavas
45.GreenOptic:1
46.Cewlkid:1
47.PowerGrid:1.0.1
48.Insanity:1
49.Tempus Fugit:3
50.HA: Forensics
51.HA: Vedas
52.HA: Sherlock

MySQL

NoMachine Name
1.Kioptrix : Level 1.3
2.Raven
3.Raven : 2

Cronjob

NoMachine Name
1.Billy Madison
2.BSides Vancuver: 2018
3.Jarbas : 1
4.SP:Jerome
5.dpwwn: 1
6.Sar
7.TBBT
8.Glasgow Smile: 1.1
9.LemonSqueezy:1

Wildcard Injection

NoMachine Name
1.Milnet
2.Pipe

Capabilities

NoMachine Name
1.Kuya : 1
2.DomDom: 1
3.HA: Naruto
4.Connect The Dots:1
5.Katana
6.Presidential: 1

Writable /etc/passwd file

NoMachine Name
1.Hackday Albania
2.Billu Box 2
3.Bulldog 2
4.AI: Web: 1
5.Westwild: 2
6.Misdirection 1
7.HA: ISRO
8.Gears of War: EP#1
9.DC:9
10.Sahu
11.Sunset: Twilight
12.Chili:1

Writable files or script

NoMachine Name
1.Skydog
2.Breach 1.0
3.Bot Challenge: Dexter
4.Fowsniff : 1
5.Mercy
6.Casino Royale
7.SP eric
8.PumpkinGarden
9.Tr0ll: 3
10.Nezuko:1
11.Symfonos:3
12.Tr0ll 1
13.DC:7
14.View2aKill
15.CengBox:1
16.Broken 2020: 1
17.CengBox:2
18.HA:Narak

Buffer Overflow

NoMachine Name
1.Tr0ll 2
2.IMF
3.BSides London 2017
4.PinkyPalace
5.ROP Primer
6.CTF KFIOFAN:2
7.Kioptrix : Level 1
8.Silky-CTF: 0x02

Docker

NoMachine Name
1.Donkey Docker
2.Game of Thrones
3.HackinOS:1
4.HA: Chakravyuh
5.Mumbai:1
6.Sunset:dusk
7.Pwned:1

Chkrootkit

NoMachine Name
1.SickOS 1.2
2.Sedna
3.HA: Chanakya
4.Sunset: decoy

Bruteforce

NoMachine Name
1.Rickdiculouslyeasy
2.RootThis : 1
3.LAMPSecurity: CTF 8
4.Cyberry:1
5.Born2root

Crack /etc/shadow

NoMachine Name
1.DE-ICE:S1.140
2.Minotaur
3.Moonraker:1
4.Basic Penetration
5.W1R3S.inc

NFS

NoMachine Name
1.Orcus
2.FourAndSix

Json

NoMachine NameJson
1.MinU: 1Json Token
2.Symfonos:4Json Pickle

Redis

NoMachine Name
1.Gemini inc:2

LXD

NoMachine Name
1.AI: Web: 2
2.HA: Joker
3.CyNix:1

ALL

NoMachine Name
1.Lin.Security
2.Escalate_Linux
3.Jigsaw:1

Exim

NoMachine Name
1.DC:8

Apache2 Writable

NoMachine Name
1.Torment
2.HA: Armour
cheatsheet

|3.|HA: Natraj

privilege-escalation