Summary
This is a comprehensive privesc playbook that goes deeper than most general enumeration scripts. It covers the usual suspects (SUID binaries, sudo misconfigs, cron abuse) but also gets into stuff base models often miss like capabilities exploitation, NFS no_root_squash, and wildcard injection in tar cron jobs. The routing to container escape and lateral movement skills is smart since privilege escalation is rarely the end goal. The GTFOBins quick-reference table and capability-to-exploit mapping save you from constantly searching docs mid-engagement. It references two additional files for SUID/capabilities tricks and kernel exploit mapping that aren't included here but would presumably give you exploit commands and version-specific payloads. Load this when you land a low-privilege shell and need a systematic path to root.
Install to Claude Code
npx -y skills add yaklang/hack-skills --skill linux-privilege-escalation --agent claude-codeInstalls into .claude/skills of the current project.
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
Files
SKILL.md
Select a file.
Featured
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →First SeenJun 3, 2026
