Skip to main content

Linux Exploitation

55 hours 8 Modules 20+ Labs Intermediate

Course Description

Linux powers the majority of servers, cloud infrastructure, and IoT devices. This course teaches you to identify and exploit Linux vulnerabilities, from basic privilege escalation to advanced kernel exploits.

Learning Objectives

By the end of this course, you will be able to:

  1. Enumerate Linux systems for privilege escalation vectors
  2. Exploit SUID/SGID binaries and capabilities
  3. Abuse sudo misconfigurations and cron jobs
  4. Perform kernel exploitation techniques
  5. Escape Docker and Kubernetes containers
  6. Maintain persistence on Linux systems

Course Structure

Modules

Module 1: Linux Security Fundamentals (6h)

  • Linux file permissions deep dive
  • User and group management
  • SELinux and AppArmor basics
  • Linux security modules
  • Audit framework

Module 2: Enumeration Techniques (8h)

  • Manual enumeration scripts
  • LinPEAS and LinEnum usage
  • Network enumeration
  • Process and service enumeration
  • Cron job discovery
  • Installed software analysis

Module 3: SUID/SGID Exploitation (8h)

  • Finding SUID binaries
  • GTFOBins exploitation
  • Custom SUID exploits
  • Capabilities abuse
  • Library hijacking

Module 4: Sudo Abuse (6h)

  • Sudo misconfigurations
  • Sudo version exploits
  • LD_PRELOAD attacks
  • PATH hijacking
  • Sudo rules bypass

Module 5: Cron & Scheduled Tasks (6h)

  • Cron job enumeration
  • Writable script exploitation
  • PATH manipulation
  • Wildcard injection
  • Systemd timer abuse

Module 6: Kernel Exploitation (10h)

  • Kernel version identification
  • Public exploit adaptation
  • Dirty COW and variants
  • Dirty Pipe exploitation
  • Kernel module attacks
  • Return-oriented programming (ROP)

Module 7: Container Escape (8h)

  • Docker enumeration
  • Privileged container escape
  • Docker socket abuse
  • Kubernetes escape techniques
  • Container breakout methods
  • cgroups exploitation

Module 8: Persistence & Post-Exploitation (6h)

  • SSH key persistence
  • Cron persistence
  • Systemd persistence
  • Rootkits basics
  • Log manipulation
  • Anti-forensics on Linux

Tools

ToolPurpose
LinPEASPrivilege escalation scanner
LinEnumEnumeration script
pspyProcess monitoring
GTFOBinsBinary exploitation reference
linux-exploit-suggesterKernel exploit finder
DockerContainer testing
Ethical Use Only

Only exploit systems you own or have explicit authorization to test.

Quick Navigation