Capabilities-driven privesc TL;DR: Per-binary capabilities granted via setcap; cap_setuid+ep on a python is instant root. Stub — to be filled in. What it is TODO Preconditions / where it applies TODO Technique TODO Detection and defence TODO References https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/linux-capabilities.html