linux-exploit-suggester
by The-Z-Labs
Linux Exploit Suggester is a command-line tool that audits Linux kernels for exposure to publicly known privilege escalation exploits and verifies kernel hardening settings.
Linux privilege escalation auditing tool
Primary Use Case
This tool is primarily used by security professionals and system administrators to quickly assess the vulnerability of a Linux system's kernel to known exploits and to evaluate the effectiveness of kernel hardening measures. It helps identify potential privilege escalation vectors and security misconfigurations to prioritize remediation efforts.
- Assesses exposure of Linux kernels to publicly known exploits using heuristic analysis
- Provides detailed exploit information including CVE references, exposure likelihood, and exploit download links
- Verifies kernel compile-time configurations and runtime security settings (sysctl) for hardening status
- Outputs clear exposure levels: highly probable, probable, less probable, and unprobable
- Supports multiple Linux distributions and kernel versions with tagged exploit applicability
- Includes references and documentation links for deeper understanding of exploits and mitigations
Installation
- Download the script using wget: wget https://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh -O les.sh
- Make the script executable if needed: chmod +x les.sh
- Run the script directly on the target Linux system
Usage
- ./linux-exploit-suggester.sh
  Runs the tool to assess kernel exposure to publicly known Linux privilege escalation exploits.
- ./linux-exploit-suggester.sh --checksec
  Checks the state of kernel hardening security measures including compile-time and runtime settings.
If the script was saved as les.sh, as in the installation step above, run it as ./les.sh instead.
- Integrate with automated CI/CD pipelines to continuously assess kernel exploit exposure during build and deployment phases.
- Combine with exploitation frameworks like Metasploit for streamlined red team privilege escalation testing.
- Use output to prioritize patching and hardening efforts in vulnerability management workflows.
- Leverage kernel hardening verification to validate security baselines and compliance with organizational policies.
- Incorporate into purple team exercises to simulate attacker privilege escalation and improve detection capabilities.
Related Tools
trivy
aquasecurity/trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
nuclei
projectdiscovery/nuclei
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
lynis
CISOfy/lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
vuls
future-architect/vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
oss-fuzz
google/oss-fuzz
OSS-Fuzz - continuous fuzzing for open source software.
nuclei-templates
projectdiscovery/nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
