LinPeek is a comprehensive post-exploitation toolkit for Linux systems, designed for security professionals to assess system security, identify privilege escalation vectors, harvest credentials, and establish persistence.
-
System Enumeration
- SUID binary detection with GTFOBins integration
- Container/Docker environment detection
- Cron job analysis
- Host environment detection (WSL, VM, etc.)
-
Privilege Escalation
- Kernel exploit suggester
- Sudo permission checker
- Writable system file detection
-
Credential Harvesting
- /proc filesystem scanning for secrets
- Shell history analysis
- SSH key discovery
-
Persistence
- Multiple persistence mechanism installation
- Log cleaning capabilities
git clone https://github.com/shellkraft/linpeek.git
cd LinPeek
pip install -r requirements.txtpython linpeek.py [options]
python linpeek.py --all --report linpeek-report.json
--enum: Basic system enumeration
--privesc: Privilege escalation checks
--creds: Credential harvesting
--persist: Persistence module
--all: Run enumeration, privilege escalation, and credential modules in one pass
--skip-gtfo-update: Skip the GTFOBins update prompt/check during enumeration
--report <path>: Export structured findings to a file
--report-format {json,text}: Choose report output format (default: json)LinPeek now aggregates findings across modules, assigns severities, prints an end-of-run summary table, and can export a structured JSON or text report for later review or automation.
This tool is intended for legal security assessment and research purposes only. Only use on systems you have permission to test. The developers assume no liability and are not responsible for any misuse or damage caused by this program.