privilege-escalation-methods

Provide comprehensive techniques for escalating privileges from a low-privileged user to root/administrator access on compromised Linux and Windows systems. Essential for penetration testing post-exploitation phase and red team operations. Exploit misconfigured sudo permissions using GTFOBins techniques: Must: Must Not: Should: For detailed enumeration scripts, use: This skill is applicable to execute the workflow or actions described in the overview. - Initial low-privilege shell access on target system - Kali Linux or penetration testing distribution - Tools: Mimikatz, PowerView, PowerUpSQL, Responder, Impacket, Rubeus - Understanding of Windows/Linux privilege models - For AD attacks: Domain user credentials and network access to DC - Root or Administrator shell access - Extracted credentials and hashes - Persistent access mechanisms - Domain compromise (for AD environments) - Have initial shell access before attempting escalation - Verify target OS and environment before selecting technique - Use appropriate tool for domain vs local escalation - Attempt techniques on production systems without authorization - Leave persistence mechanisms without client approval - Ignore detection mechanisms (EDR, SIEM) - Enumerate thoroughly before exploitation - Document all successful escalation paths - Clean up artifacts after engagement - LinPEAS : Linux privilege escalation...