Press "Enter" to skip to content

List of Privilege Escalation Tools

Although this is a reasonable list, the list of ‘good’ tools seemingly changes every month. As of late 2019, this is a decent list of tools that can be used to aid in privilege escalation.

Linux

Linux Smart Enumeration

File type: Shell Script
Download: Here

"This script will show relevant information about the security of the local Linux system.

It has 3 levels of verbosity so you can control how much information you see.

In the default level you should see the highly important security flaws in the system. The level 1 (./lse.sh -l1) shows interesting information that should help you to privesc. The level 2 (./lse.sh -l2) will just dump all the information it gathers about the system.

By default it will ask you some questions: mainly the current user password (if you know it 😉 so it can do some additional tests."

LinEnum

File Type: Shell Script
Download: Here

Has several different options that it can be run with. Best to run with thorough testing enabled.

Linux Exploit Suggester 2

File Type: Perl Script
Download: Here

"This script is extremely useful for quickly finding privilege escalation vulnerabilities both in on-site and exam environments."

Windows

PowerUp

File Type: Powershell Script
Download: Here

"PowerUp aims to be a clearinghouse of common Windows privilege escalation vectors that rely on misconfigurations. See README.md for more information."

Sherlock

File Type: Powershell Script
Download: Here

Deprecated ~3 years ago. Should work well for < 2017 Windows Builds.

"PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities."

Watson

File Type: Windows Executable
Download: Here

Does need to be compiled inside of VScode.

"Watson is a .NET tool designed to enumerate missing KBs and suggest exploits for Privilege Escalation vulnerabilities."

Seatbelt

File Type: Windows Executable
Download: Here

"Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives."

SharpUp

File Type: Windows Executable
Download: Here

"SharpUp is a C# port of various PowerUp functionality. Currently, only the most common checks have been ported; no weaponization functions have yet been implemented."

 

 

Read more posts about Tools