Rootware is a curated, terminal-native toolkit engineered for local privilege escalation (LPE) testing on Linux systems. Designed for security professionals and penetration testers, it automatically enumerates system vulnerabilities and executes tailored exploit chains within a controlled environment.
The engine dynamically downloads and executes exploit payloads in isolated temporary workspaces, ensuring absolute post-test volatility by cleaning up all artifacts after each attempt.
- 🧩 Automated LPE Chain: Evaluates and runs multiple exploit vectors sequentially until root-level access is successfully verified.
- ⚡ Lightweight & Fast: Delivered as a single standalone binary with zero local external dependencies. Runs directly out of the box.
- 🔐 License Management: Features a secure, time-based license enforcement scheme with validation tracking via remote API.
- 📊 System Intelligence: Performs real-time profiling of target kernel versions, underlying CPU architectures, and environmental user contexts.
Rootware is distributed in two builds depending on your target system's environment compatibility:
If the single binary experiences compatibility or library issues on older/specific Linux distributions, use the standalone package which bundles all required modules:
# Download the standalone ZIP package
curl -L -o https://rootware.pages.dev/rootware-linux-amd64.zip
unzip rootware-linux-amd64.zip
cd main.dist
# Run Rootware
./rootwareA single pre-compiled binary build. Fast and straightforward, but may have environment limitations on certain Linux flavors:
# Download the single binary
curl -L -o rootware https://rootware.pages.dev/rootware
chmod +x rootware
# Run Rootware
./rootwareWhen prompted after running the engine, enter your active license key obtained from the Telegram bot:
$ ./rootware
❯ Enter license key: ROOTWAREFREE
✓ License validated. Expires: 31-12-2026
✓ Found 12 exploit methods
❯ Select execution vector [1-5]: 1
Rootware interacts with an updated repository of target techniques managed dynamically without binary code compilation requirements:
copyfail— Page cache corruption via AF_ALG (CVE-2026-31431)dirtyfrag— ESP/XFRM page cache write (CVE-2026-43284)pack2theroot— PackageKit TOCTOU LPE (CVE-2026-41651)gttobins— GTFO Bins secondary privilege escalation vectorskernel— Dynamic kernel array vulnerability targetssudo/docker— Configuration abuse and container breakout escapes
Keys follow a strict string structure mapping specific expiration limits, provisioned through the official gateway bot:
# Key Input Protocol: KEY DD-MM-YYYY
ROOTWAREFREE 31-12-2026
SIN7-ENTERPRISE 30-06-2026
- Zero Persistent Changes: Runtime workspaces are systematically scrubbed and components unlinked immediately following active pipeline termination.
- Transparent Testing: Execution streams log directly to standard output for step-by-step audit control.
- User-Space Safety: Avoids unmanaged local state alterations or kernel module injections.
- Telegram Bot: @rootwbot
- Lead Developer: @tebub (Sin7)
- Secure Delivery: rootware@proton.me
