Linux Killchain

#Recon

#Weaponization

Make revshells here

https://www.revshells.com/

#Delivery

find a way to upload the payload to the target

ssh, ftp, web upload, wordpress plugin, smb/nfs share, injection, etc

#Exploit

run the exploit and if it doesn't work then go back to weaponization by trying another payload

#Privledge Escalation / Installation

Find system info like a local neofetch

hostnamectl

Local IP info

hostname -I

Better su perm search command:

find / -user root -perm -4000 -exec ls -ldb {} \; 2>/dev/null

Check those programs against GTFO bins

https://gtfobins.github.io/

#C&C/C2

#Actions