Linux Killchain
#Recon
#Weaponization
Make revshells here
#Delivery
find a way to upload the payload to the target
ssh, ftp, web upload, wordpress plugin, smb/nfs share, injection, etc
#Exploit
run the exploit and if it doesn't work then go back to weaponization by trying another payload
#Privledge Escalation / Installation
Find system info like a local neofetch
hostnamectl
Local IP info
hostname -I
Better su perm search command:
find / -user root -perm -4000 -exec ls -ldb {} \; 2>/dev/null
Check those programs against GTFO bins
#C&C/C2
#Actions