# Linux Hardening

- [Checklist - Linux Privilege Escalation](https://hacktricks.xsx.tw/linux-hardening/linux-privilege-escalation-checklist.md)
- [Linux Privilege Escalation](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation.md)
- [Arbitrary File Write to Root](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/write-to-root.md)
- [Cisco - vmanage](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/cisco-vmanage.md)
- [Containerd (ctr) Privilege Escalation](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/containerd-ctr-privilege-escalation.md)
- [D-Bus Enumeration & Command Injection Privilege Escalation](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/d-bus-enumeration-and-command-injection-privilege-escalation.md)
- [Docker Security](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/docker-security.md)
- [Abusing Docker Socket for Privilege Escalation](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/docker-security/abusing-docker-socket-for-privilege-escalation.md)
- [AppArmor](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/docker-security/apparmor.md)
- [AuthZ& AuthN - Docker Access Authorization Plugin](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/docker-security/authz-and-authn-docker-access-authorization-plugin.md)
- [CGroups](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/docker-security/cgroups.md)
- [Docker --privileged](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/docker-security/docker-privileged.md)
- [Docker Breakout / Privilege Escalation](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/docker-security/docker-breakout-privilege-escalation.md)
- [release\_agent exploit - Relative Paths to PIDs](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/docker-security/docker-breakout-privilege-escalation/release_agent-exploit-relative-paths-to-pids.md)
- [Docker release\_agent cgroups escape](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/docker-security/docker-breakout-privilege-escalation/docker-release_agent-cgroups-escape.md)
- [Sensitive Mounts](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/docker-security/docker-breakout-privilege-escalation/sensitive-mounts.md)
- [Namespaces](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/docker-security/namespaces.md)
- [CGroup Namespace](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/docker-security/namespaces/cgroup-namespace.md)
- [IPC Namespace](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/docker-security/namespaces/ipc-namespace.md)
- [PID Namespace](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/docker-security/namespaces/pid-namespace.md)
- [Mount Namespace](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/docker-security/namespaces/mount-namespace.md)
- [Network Namespace](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/docker-security/namespaces/network-namespace.md)
- [Time Namespace](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/docker-security/namespaces/time-namespace.md)
- [User Namespace](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/docker-security/namespaces/user-namespace.md)
- [UTS Namespace](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/docker-security/namespaces/uts-namespace.md)
- [Seccomp](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/docker-security/seccomp.md)
- [Weaponizing Distroless](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/docker-security/weaponizing-distroless.md)
- [Escaping from Jails](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/escaping-from-limited-bash.md)
- [euid, ruid, suid](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/euid-ruid-suid.md)
- [Interesting Groups - Linux Privesc](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/interesting-groups-linux-pe.md)
- [lxd/lxc Group - Privilege escalation](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/interesting-groups-linux-pe/lxd-privilege-escalation.md)
- [Logstash](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/logstash.md)
- [ld.so privesc exploit example](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/ld.so.conf-example.md)
- [Linux Active Directory](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/linux-active-directory.md)
- [Linux Capabilities](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/linux-capabilities.md)
- [NFS no\_root\_squash/no\_all\_squash misconfiguration PE](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/nfs-no_root_squash-misconfiguration-pe.md)
- [Node inspector/CEF debug abuse](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/electron-cef-chromium-debugger-abuse.md)
- [Payloads to execute](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/payloads-to-execute.md)
- [RunC Privilege Escalation](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/runc-privilege-escalation.md)
- [SELinux](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/selinux.md)
- [Socket Command Injection](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/socket-command-injection.md)
- [Splunk LPE and Persistence](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/splunk-lpe-and-persistence.md)
- [SSH Forward Agent exploitation](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/ssh-forward-agent-exploitation.md)
- [Wildcards Spare tricks](https://hacktricks.xsx.tw/linux-hardening/privilege-escalation/wildcards-spare-tricks.md)
- [Useful Linux Commands](https://hacktricks.xsx.tw/linux-hardening/useful-linux-commands.md)
- [Bypass Linux Restrictions](https://hacktricks.xsx.tw/linux-hardening/bypass-bash-restrictions.md)
- [Bypass FS protections: read-only / no-exec / Distroless](https://hacktricks.xsx.tw/linux-hardening/bypass-bash-restrictions/bypass-fs-protections-read-only-no-exec-distroless.md)
- [DDexec / EverythingExec](https://hacktricks.xsx.tw/linux-hardening/bypass-bash-restrictions/bypass-fs-protections-read-only-no-exec-distroless/ddexec.md)
- [Linux Environment Variables](https://hacktricks.xsx.tw/linux-hardening/linux-environment-variables.md)
- [Linux Post-Exploitation](https://hacktricks.xsx.tw/linux-hardening/linux-post-exploitation.md)
- [PAM - Pluggable Authentication Modules](https://hacktricks.xsx.tw/linux-hardening/linux-post-exploitation/pam-pluggable-authentication-modules.md)
- [FreeIPA Pentesting](https://hacktricks.xsx.tw/linux-hardening/freeipa-pentesting.md)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://hacktricks.xsx.tw/linux-hardening.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.