coffeetohack
  • Introduction
  • Methodology
  • Cheatsheet
    • Ports
    • Nmap
    • Directory Bruteforce
    • Password Cracking
    • Web Server
    • Shells
    • TTY Shells
    • File Transfers
    • XSS | SQLi
    • LFI / RFI
    • File Uploads
    • Port Forwarding
  • Framework/Application
    • CMS Made Simple
    • Blundit
    • Wordpress
    • OctoberCMS
    • Tomcat
  • Windows PrivEsc
    • Scheduled Tasks
    • Stored Passwords
    • Installed Apps
    • Unquoted Service Path
    • Binary Paths
    • DLL Hijacking
    • Startup Apps
    • Executable Files
    • Registry
    • Run As
  • Linux PrivEsc
    • Sudo
    • SUID
    • Capabilities
    • Scheduled Tasks
    • NFS Root Squashing
    • Docker
  • Buffer Overflow
    • dostackbufferoverflow
    • BoF 1
    • Vulnserver
    • Brainpan
    • Brainstorm
  • Initial Shell Exploits
  • PrivEsc Exploits
  • Cisco Packet Tracer
  • Active Directory
    • Methodology
    • LLMNR Poisioning
    • Cracking Hashes
    • SMB Relay
    • IPv6 Attacks
    • PowerView
    • Bloodhound
    • Pass The Hash
    • Token Impersonation
    • Kerberoasting
    • GPP Attack
    • URL File Attack
    • PrintNightmare
    • Mimikatz
    • Golden Ticket Attack
  • OSINT
Powered by GitBook
On this page

Was this helpful?

  1. Windows PrivEsc

Installed Apps

If you find any 3rd party installed apps then you can use exploitBD to find if there is any PrivEsc associated with that app. For this, go to exploitDB. Then use the filter to curate the results. Can be used to find for Linux as well

PreviousStored PasswordsNextUnquoted Service Path

Last updated 4 years ago

Was this helpful?