Practical Linux Privilege Escalation (with CTF challenges)

Name: Practical Linux Privilege Escalation (with CTF challenges)
Rating: 5.0 (11 reviews)

Learn how to Enumerate a Linux System to find and exploit Privilege Escalation attack vectors with hands-on exercises.

Highest Rated

Created byLeonardo Tamiano

Last updated 9/2025

English

What you'll learn

Introduction to the Linux Operating System
Introduction to the Linux Shell
Learn how to enumerate a Linux System
Learn how to perform privilege escalation on a Linux System
Learn the fundamentals of Binary Exploitation in Linux

Course content

8 sections • 51 lectures • 14h 35m total length

whoami2:41
Master Linux privilege escalation concepts through CTF challenges, while adopting defensive training and web application penetration testing techniques, with secure coding practices like data validation and authentication and authorization remediation.
Learning objectives2:38
Required Knowledge1:12
How to work with the exercises9:13

What is an Operating System?13:41
The History of Linux4:36
Explore the history of Linux from Linus Torbalse's early hobby project to a dominant open source operating system, highlighting kernel and user space, GNU tools, and Android's rise.
Linux Distributions8:17
Build your own Linux!4:03
Explore Linux open source, view and study the source code, and compile your kernel and distribution; browse implementations like CBC and experiment with minimal kernels using KEMU and busybox.

On the Linux Shell5:59
Master the Linux shell, a command-line interface that interprets commands and interacts with the kernel. Explore sh and bash, and clarify terminal, TTY, and shell roles.
Linux File System19:48
Basic Shell Commands12:57
File System Commands15:01
Linux File System Permissions57:58
Linux Permission Commands10:56
User Management Commands9:21
Explore Linux user management with passwd and shadow, learn how to read user data, and create, modify, or delete users and groups using commands like useradd, passwd, su, and chsh.
Resource Management Commands15:50
Master Linux resource management with uptime, top, htop, btop, mpstat, and free, and inspect disk, network, and processes using df, du, ip a, ps, and kill.
Package Management Commands11:48

PATH Hijacking28:17
PATH Hijacking Exercises0:30
SUID Exploitation29:24
Explains how the set user ID bit lets a root-owned binary run with root privileges and access /etc/shadow, with examples like wget and ssh key gen.
SUID Exploitation Exercises0:30
SUDO Exploitation41:26
Explore how to use the pseudo subsystem for root privilege escalation on Linux, guided by a docker setup and four practical misconfiguration exploits.
SUDO Exploitation Exercises0:30
Wildcard Expansion Exploitation30:09
Wildcard Expansion Exploitation Exercises0:30
Password Cracking24:44
Learn how to perform the unshadow attack by combining shadow and passwd files to crack password hashes, using salt and sha512-crypt, with John the Ripper and rockyou.txt.
Password Cracking Exercises0:29

Learn how to Debug with GDB46:56
Learn how to install and use GDB to inspect memory, registers, and control flow; disassemble, set breakpoints, view source and assembly, and leverage extensions for advanced debugging.
Calling Conventions in x86 and x86_6427:52
Stack Frames32:07
Simple Stack Overflow - 32 bit46:52
Memory Protection Mechanisms30:34
Explore memory protection mechanisms such as NX, stack canaries, ASLR, and PIE. Learn how these defenses shape binary exploitation and defense strategies.
Format String Vulnerabilities33:58
Analyze how format string vulnerabilities arise when user input controls printf format strings, revealing how variadic functions and directives like %x and %n can leak registers, stack, or overwrite memory.
Using Pwntools to Automate Exploitation19:07
Introduction to Ret2libc9:22
Ret2libc 32 bit without ASLR Bypass30:56
Ret2libc 64 bit without ASLR Bypass13:20
Automate Ret2libc with Pwntools9:50
Ret2libc 64 bit with ASLR Bypass12:06
Ret2libc Exercises0:47
Kernel Exploit - Dirty COW29:15

Requirements

Basic general computer knowledge

Description

The Linux OS plays a foundational role in powering the servers that run the internet of today.

- How do you make sure that a Linux deployment is secure?

- How do you make sure that it does not contain miss-configurations that could allow a user to escalate privileges and become the administrator (root) user?

This course covers the most useful techniques you need to know in order to enumerate a modern Linux OS deployment to find and exploit Privilege Escalation attack vectors.

Consider these questions:

- Are you interested in working in the security industry?

- Do you want to learn how to test the security of a Linux OS deployment?

- Do you like hands-on, practice-based learning?

If you answered yes to these questions, then this course is for you.

In this course I will show you how to test the security of a Linux OS deployment. For each technique covered, I have prepared custom exercises in the form of hands-on CTF challenges that will challenge your understanding and bring it to the next level.

Feel free to check out the table of contents in order to understand the arguments covered.

Thank you very much, and for any questions, critisim and feedback, you can always write to me.

Who this course is for:

Cybersecurity enthusiasts curious about Linux Privilege Escalation
Cybersecurity enthusiasts curious about Linux Binary Exploitation
People interested in working in the security industry
People interested about security in general

Practical Linux Privilege Escalation (with CTF challenges)

What you'll learn

Explore related topics

Course content

Introduction4 lectures • 16min

Introduction to Linux4 lectures • 31min

Introduction to the Linux Shell9 lectures • 2hr 40min

Offensive Remote Shell Access5 lectures • 45min

Linux Enumeration4 lectures • 2hr 5min

Linux Privilege Escalation10 lectures • 2hr 36min

Linux Binary Exploitation14 lectures • 5hr 43min

Conclusion1 lecture • 1min

Requirements

Description

Who this course is for: