Automated Linux Enumeration and Privilege Escalation Assessment Toolkit built using Python and Bash.
This project helps security professionals, students, and researchers identify potential privilege escalation vectors, insecure configurations, and common security weaknesses on Linux systems through automated enumeration and reporting.
For educational, research, and authorized security assessment purposes only.
Linux systems often contain misconfigurations that can lead to privilege escalation opportunities. Manually identifying these issues can be time-consuming and error-prone.
This toolkit automates the assessment process by collecting system information, analyzing configurations, detecting risky settings, and generating structured reports for review.
The toolkit focuses on identification and assessment rather than exploitation.
- Operating system detection
- Kernel information gathering
- Host information collection
- Environment analysis
- SUID binary discovery
- Dangerous permission analysis
- Service configuration inspection
- Scheduled task (cron) analysis
- Privilege escalation vector identification
- JSON report generation
- Human-readable text reports
- Categorized findings
- Severity-based reporting
- Modular architecture
- Automated assessment workflow
- Easy extension with custom modules
privesc_toolkit/
│
├── scanner.py
├── quick_enum.sh
│
├── modules/
│ ├── __init__.py
│ ├── cron_scanner.py
│ ├── kernel_scanner.py
│ ├── permission_scanner.py
│ ├── report_generator.py
│ ├── service_scanner.py
│ └── suid_scanner.py
│
├── README.md
├── LICENSE
└── .gitignore
Clone the repository:
git clone https://github.com/kaifhoda1/privesc_toolkit.git
cd privesc_toolkitVerify Python installation:
python3 --versionRecommended:
Python 3.10+
Run the full assessment:
python3 scanner.pyRun quick enumeration:
chmod +x quick_enum.sh
./quick_enum.sh[+] Collecting system information
[+] Enumerating SUID binaries
[+] Analyzing file permissions
[+] Checking services
[+] Inspecting cron jobs
Assessment Completed
High Findings: 2
Medium Findings: 4
Low Findings: 7
{
"finding": "SUID Binary Detected",
"severity": "High",
"path": "/usr/bin/example"
}Finding: SUID Binary Detected
Severity: High
Path: /usr/bin/example
This toolkit performs assessment and enumeration only.
It does NOT:
- Exploit vulnerabilities
- Attempt privilege escalation
- Modify system configurations
- Install software
- Execute destructive actions
- Bypass security controls
Its purpose is to identify and document potential security risks for security assessment and educational use.
This project was created to strengthen knowledge in:
- Linux Security
- Privilege Escalation Assessment
- System Enumeration
- Security Automation
- Python Development
- Bash Scripting
- Security Reporting
- Cybersecurity Research
Contributions, suggestions, and issue reports are welcome.
- Fork the repository
- Create a feature branch
- Commit changes
- Submit a pull request
This project is provided solely for educational, research, and authorized security assessment purposes.
The author does not encourage, support, or condone the use of this software against systems, networks, or devices without explicit authorization.
Users are solely responsible for ensuring that their use of this software complies with all applicable laws, regulations, and organizational policies.
The author shall not be held liable for any misuse, damage, data loss, service disruption, legal consequences, or other issues arising from the use or misuse of this software.
By using this software, you acknowledge that you do so at your own risk.
This project is licensed under the MIT License.
See the LICENSE file for more information.
Mohammad Kaif
GitHub: https://github.com/kaifhoda1
Consider giving the repository a ⭐ to support future development.