Pros of PayloadsAllTheThings

• Broader scope covering various security topics beyond privilege escalation
• More extensive and frequently updated content
• Well-organized structure with clear categorization of payloads and techniques

Cons of PayloadsAllTheThings

• May be overwhelming for beginners due to the vast amount of information
• Less focused on specific privilege escalation techniques
• Requires more time to navigate and find relevant information

Code Comparison

PayloadsAllTheThings (Linux Privilege Escalation):

# Find files with SUID bit set
find / -perm -4000 -type f -exec ls -la {} 2>/dev/null \;

# List all sudo privileges
sudo -l

Privilege-Escalation (Linux Privilege Escalation):

# Find writable directories
find / -writable -type d 2>/dev/null

# Check for misconfigured cron jobs
ls -la /etc/cron*

Both repositories provide valuable resources for security professionals and enthusiasts. PayloadsAllTheThings offers a more comprehensive collection of security-related payloads and techniques, while Privilege-Escalation focuses specifically on privilege escalation methods. The choice between the two depends on the user's specific needs and level of expertise in the field.

Pros of PEASS-ng

• More comprehensive and actively maintained, with frequent updates
• Supports multiple operating systems (Windows, Linux, macOS)
• Includes both manual and automated privilege escalation techniques

Cons of PEASS-ng

• Larger codebase, potentially more complex to use and understand
• May trigger antivirus or security software due to its comprehensive nature

Code Comparison

PEASS-ng (linpeas.sh):

if [ "$MACPEAS" ]; then
    print_2title "System Information"
    system_info
elif [ "$OSTYPE" = "Linux" ]; then
    print_2title "Linux System Information"
    linux_sys_info

Privilege-Escalation (LinEnum.sh):

echo -e "\n"
echo -e "$YELLOW###################### System Information ######################$RESET"
unameinfo=`uname -a 2>/dev/null`
if [ "$unameinfo" ]; then
    echo -e "$unameinfo"

Both repositories focus on privilege escalation techniques, but PEASS-ng offers a more comprehensive and multi-platform approach. It includes tools for Windows (WinPEAS), Linux (LinPEAS), and macOS (MacPEAS), while Privilege-Escalation primarily focuses on Linux.

PEASS-ng is actively maintained with frequent updates, making it more likely to include the latest privilege escalation techniques and vulnerabilities. However, its larger codebase may be more challenging for beginners to navigate.

Privilege-Escalation, while less comprehensive, offers a simpler approach that may be easier for newcomers to understand and use. It may also be less likely to trigger security software due to its more focused nature.

Pros of lpeworkshop

• More comprehensive and structured workshop format
• Includes hands-on labs and exercises for practical learning
• Covers both Windows and Linux privilege escalation techniques

Cons of lpeworkshop

• Less frequently updated compared to Privilege-Escalation
• Requires more setup and preparation for the workshop environment
• May be overwhelming for beginners due to its extensive content

Code Comparison

lpeworkshop:

# Check for AlwaysInstallElevated registry key
$HKLM = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Installer"
$HKCU = "HKCU:\SOFTWARE\Policies\Microsoft\Windows\Installer"
$AlwaysInstallElevated = (Get-ItemProperty $HKLM).AlwaysInstallElevated -eq 1

Privilege-Escalation:

# Check for AlwaysInstallElevated
$AIE = Get-ItemProperty -Path HKLM:\SOFTWARE\Policies\Microsoft\Windows\Installer -Name AlwaysInstallElevated -ErrorAction SilentlyContinue
if ($AIE.AlwaysInstallElevated -eq 1) {
    Write-Host "AlwaysInstallElevated is enabled"
}

Both repositories provide valuable resources for privilege escalation techniques, but they differ in their approach and target audience. lpeworkshop offers a more structured learning experience, while Privilege-Escalation provides a concise collection of scripts and tools for quick reference and implementation.

Pros of LinEnum

• More focused on Linux enumeration and privilege escalation
• Actively maintained with regular updates
• Comprehensive system information gathering capabilities

Cons of LinEnum

• Limited to Linux systems only
• Less extensive documentation compared to Privilege-Escalation
• May require more manual analysis of output

Code Comparison

LinEnum:

#!/bin/bash
# A simple script to enumerate local information from a Linux host
version="version"

Privilege-Escalation:

# Windows Privilege Escalation Awesome Scripts
# https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite

LinEnum is a bash script specifically designed for Linux systems, while Privilege-Escalation includes scripts for both Windows and Linux environments. LinEnum focuses on gathering detailed system information, while Privilege-Escalation offers a broader range of tools and techniques for privilege escalation across different operating systems.

LinEnum's strength lies in its comprehensive Linux enumeration capabilities, making it an excellent choice for Linux-specific penetration testing and security auditing. On the other hand, Privilege-Escalation provides a more diverse set of tools and resources for both Windows and Linux systems, making it a versatile option for security professionals working across multiple platforms.

Pros of BeRoot

• More comprehensive and actively maintained, with regular updates
• Supports multiple operating systems (Windows, Linux, macOS)
• Includes a standalone executable for easy deployment

Cons of BeRoot

• Larger codebase, potentially more complex to understand and modify
• Requires Python installation for full functionality
• May have a steeper learning curve for beginners

Code Comparison

BeRoot (Python):

def check_msv1_0():
    try:
        hllDll = ctypes.WinDLL("msv1_0.dll")
        return True
    except:
        return False

Privilege-Escalation (Bash):

function check_sudo_config() {
    if [ -f "/etc/sudoers" ]; then
        echo "Sudoers file found. Checking for misconfigurations..."
        cat /etc/sudoers | grep -v "^#" | grep -v "^$"
    fi
}

BeRoot offers a more sophisticated approach with Python, utilizing Windows APIs for privilege escalation checks. Privilege-Escalation uses simpler Bash scripts for Linux-based systems, focusing on configuration file analysis.

Pros of GTFOBins

• Comprehensive collection of Unix binaries that can be exploited for privilege escalation
• Well-organized and searchable interface for quick reference
• Regularly updated with community contributions

Cons of GTFOBins

• Focused solely on Unix binaries, limiting its scope for other privilege escalation techniques
• May require more technical knowledge to understand and apply the provided information

Code Comparison

GTFOBins (YAML format for binary entries):

---
functions:
  shell:
    - code: BINARY -p '!sh'
  command:
    - code: BINARY -p '!id'

Privilege-Escalation (Markdown format for checklists):

- [ ] Check for SUID binaries

find / -perm -u=s -type f 2>/dev/null

- [ ] Check for writable directories

find / -writable -type d 2>/dev/null

GTFOBins provides a structured format for each binary, while Privilege-Escalation offers a more general checklist approach with command examples. GTFOBins is more focused on specific binaries, whereas Privilege-Escalation covers a broader range of privilege escalation techniques.