CSbyGB - Pentips

CS By GB - PenTips
- Welcome to CSbyGB's Pentips
Networking, Protocols and Network pentest
- Basics
- DNS
- FTP
- HTTP & HTTPS
- IMAP
- IPMI
- MSSQL
- MYSQL
- NFS
- Oracle TNS
- POP3
- RDP
- RPC
- Rservices
- Rsync
- SMB
- SMTP
- SNMP
- SSH
- Winrm
- WMI
Ethical Hacking - General Methodology
External Pentest
- External Pentest
Web Pentesting
Mobile App Pentest
- Android
- IOS
Wireless Pentest
- Wireless pentest
Cloud Pentest
Thick Client Pentest
- Thick Client
Hardware Pentest
- ATM
Secure Code Review
- Secure code review
Checklist
- Web Application and API Pentest Checklist
- Linux Privesc Checklist
Tools
VM and Labs
- General tips
- Setup your pentest lab
Linux
Windows
Programming
Binary Exploitation
OSINT
Pentester hardware toolbox
Post Exploitation
Reporting
- How to report your findings
Red Team
Writeups
Digital skills
Projects
- Projects
  - Technical Projects
  - General Projects
Talks
Resources
- A list of random resources

Powered by GitBook

Linux Privesc Checklist

Adapt it to your methodology and the context of your test. Download this file locally from here this way you can check everything you have done.

Enumerate system
- See here
Enumerate user
- See here
Enumerate network
- See here
Enumerate password
- See here
Check for password and file permissions
- See here and here
Check for Sudo
- See here
Check for SUID
- See here
Check for Capabilities
- See here
Check for Scheduled Tasks
- See here
Check for NFS Root Squashing
- See here
Check Services
- See here
Check for PATH Abuse
- See here
Check for Wildcard Abuse
- See here
Check for Privilege groups
- See here
Check for Kernel Exploits
- See here
Check for homemade scripts

Other checklists

Linux Privesc Checklist - PayloadAllTheThings

PreviousWeb Application and API Pentest Checklist NextBurpsuite

Last updated 4 months ago

On this page