Linux Killchain

#Recon


#Weaponization

Make revshells here

https://www.revshells.com/


#Delivery

find a way to upload the payload to the target

ssh, ftp, web upload, wordpress plugin, smb/nfs share, injection, etc


#Exploit

run the exploit and if it doesn't work then go back to weaponization by trying another payload


#Privledge Escalation / Installation


Find system info like a local neofetch

hostnamectl


Local IP info

hostname -I


Better su perm search command:

find / -user root -perm -4000 -exec ls -ldb {} \; 2>/dev/null


Check those programs against GTFO bins

https://gtfobins.github.io/


#C&C/C2


#Actions