Post Exploitationprivilege-escalationlinuxwindowsmacosenumeration

peass-ng

Privilege Escalation Awesome Scripts SUITE (peass-ng) provides tools for Windows, Linux/Unix, and MacOS to identify local privilege escalation paths. These scripts search for misconfigurations and display them with color coding for easy recognition.

Description

peass-ng is a comprehensive suite of privilege escalation tools designed for post-exploitation scenarios across multiple operating systems including Windows, Linux/Unix, and MacOS. The tools automatically enumerate potential privilege escalation vectors by analyzing system configurations, permissions, services, and other common misconfigurations that could allow a user to gain elevated privileges.

The suite includes specialized tools like linpeas for Linux/Unix systems and winpeas for Windows environments. These scripts provide color-coded output to highlight critical findings, making it easier for security professionals to quickly identify exploitable conditions during penetration testing and red team engagements.

Installation provides access to all binaries and scripts organized in /usr/share/peass/, with separate directories for linpeas and winpeas components supporting various architectures and execution methods.

How It Works

peass-ng tools perform automated system enumeration to detect privilege escalation opportunities. They scan for common misconfigurations including SUID binaries, writable configuration files, weak permissions, vulnerable services, cron jobs, and other privilege escalation vectors. The scripts use color-coded output to categorize findings by severity and exploitability. Linpeas supports multiple Linux architectures (386, amd64, arm, arm64) and MacOS (darwin), while winpeas provides both batch, PowerShell, and multiple executable formats for Windows (x86, x64, any).

Installation

bash
sudo apt install peass

Flags

-hShow help/usage information for the tool

Examples

Display help information for linpeas and show directory structure of linpeas components
linpeas -h
Display help information for peass and show complete directory structure including both linpeas and winpeas
peass -h
Display help information for winpeas and show winpeas directory structure
winpeas -h
List all linpeas components including various architecture-specific binaries and scripts
ls /usr/share/peass/linpeas
List all winpeas components including batch, PowerShell, and executable files for different Windows architectures
ls /usr/share/peass/winpeas
Install the complete peass-ng suite with all privilege escalation tools
sudo apt install peass
Updated 2026-04-16kali.org ↗