Privilege Escalation Techniques: Learn the art of exploiting Windows and Linux systems

Product Description

Learn how to escalate your privileges on Windows and Linux systems

This book is a comprehensive guide on the privilege escalation process for Windows and Linux systems and is designed to be practical and hands-on by providing the reader with real world exercises and scenarios in the form of vulnerable environments and virtual machines.

Key Features

Learn how to perform local enumeration on Windows & Linux systems.
Understand the key differences between elevating privileges on Windows and Linux systems.
Learn how to identify privilege escalation vectors on Windows & Linux systems.
Learn how to elevate your privileges on Windows and Linux systems by leveraging various tools and techniques.
Privilege escalation is a vital element of the attack life cycle and is a major determinant in the overall success of a penetration test. The importance of privilege escalation in the penetration testing process cannot be overstated or overlooked. Developing your privilege escalation skills will mark you out as a good penetration tester. The ability to enumerate information from a target system and utilize this information to identify potential misconfigurations and vulnerabilities that can be exploited to elevate privileges is an essential skill set for any penetration tester.

The book uses virtual environments that you can download to test and run tools and techniques. Each chapter will feature an exploitation challenge in the form of pre-built virtual machines (VMs). As you progress, you will learn how to enumerate and exploit vulnerabilities on Linux or Windows systems in order to elevate your privileges.

By the end of this book, you will have gained the skills you need to be able to perform local enumeration in order to identify privilege escalation vectors on Windows and Linux systems and how to exploit them in order to elevate your privileges.

What you will learn

Understand the privilege escalation process and how it differs from Windows to Linux
Learn how to set up a virtual penetration testing lab
Gain an initial foothold on the system
Perform local enumeration on target systems
Exploit kernel vulnerabilities on Windows and Linux systems
Perform privilege escalation through password looting and finding stored credentials
Get to grips with performing impersonation attacks
Exploit Windows services such as the secondary logon handle service to escalate Windows privileges
Escalate Linux privileges by exploiting scheduled tasks and SUID binaries

Who this book is for?
This Windows and Linux privilege escalation book is for intermediate-level cybersecurity students and pentesters who are interested in learning how to perform various privilege escalation techniques on Windows and Linux systems, which includes exploiting bugs, design flaws, and more. An intermediate-level understanding of Windows and Linux systems along with fundamental cybersecurity knowledge is expected.

Table of Contents

Introduction to Privilege Escalation
Setting Up Our Lab
Gaining Access (Exploitation)
Performing Local Enumeration
Windows Kernel Exploits
Impersonation Attacks
Windows Password Mining
Exploiting Services
Privilege Escalation through the Windows Registry
Linux Kernel Exploits
Linux Password Mining
Scheduled Tasks
Exploiting SUID Binaries

About the Author

Alexis Ahmed is an experienced penetration tester and security researcher with over 7 years of experience in the cybersecurity industry. He started off his career as a Linux system administrator and soon discovered a passion and aptitude for security and transitioned into a junior penetration tester. In 2017, he founded HackerSploit, a cybersecurity consultancy that specializes in penetration testing and security training, where he currently works as a senior penetration tester and trainer. Alexis has multiple cybersecurity certifications, ranging from the CEH and Sec+ to OSCP, and is a certified ISO 27001 associate. He is also an experienced DevSecOps engineer and