Download
PrivescCheck is a local privilege escalation reconnaissance tool for Unix-like systems that automates common checks auditors and system owners run when looking for misconfigurations. It enumerates kernel versions, installed packages, SUID/SGID binaries, world-writable files and directories, services, cron jobs, and user/group permissions to highlight likely escalation paths. The output is organized and human-readable so operators can triage findings quickly—flagging high-risk items separately from informational noise. Designed for defenders as much as red-teamers, it helps turn ad-hoc manual checks into repeatable scans that surface systemic mistakes (for example, left-over build scripts or insecure service configs). Because it focuses on discovery rather than exploitation, it’s useful in hardening exercises, audits, and incident response to identify what an intruder might leverage.
Features
- Detects misconfigurations and potential privilege escalation vectors due to Windows configuration or bad practices
- Supports different “modes” of scanning: basic vs extended vs audit; ability to generate human-readable plus machine readable report formats
- Standalone script (single .ps1 file) so can be copied and run without cloning entire repo
- Ability to run dot-sourced so that functions/cmdlets are available in current session; supports bypassing execution policy etcetera
- Reports in multiple formats: e.g. TXT and HTML; optionally CSV, XML etcetera for parsing and audit automation
- Useful even when not running as administrator; some checks still possible under limited privileges; reports risk etcetera with gradation
Project Samples
