Escaping Restricted Shell
Overview When performing host enumeration after gaining initial access, echo $SHELL may return /bin/rbash. This is a special shell that further restricts a standard user from executing commands....
Web Enumeration
Overview Websites are their own dedicated beast when it comes to enumeration. There are countless combinations of ports, web server configurations, and applications that could be the weakness onto...
Sat 30 May 2026
information_gathering
Host Enumeration (PrivEsc)
Overview These commands are typically used during the post-exploitation phase of information gathering. Once access to a host is obtained, further information about the target itself is required...
Thu 04 June 2026
information_gathering
Service Enumeration
FTP (20, 21) standard: control channel on port 21, data channel on port 20 ftp is insecure, cleartext anonymous login may be active allowing read or read/write without creds tftp is an alternate...
Thu 04 June 2026
information_gathering
Exploitation
Overview One fork after the assessment stage, requires utilizing the information from the two prior steps to prepare targeted attacks against the found endpoint. Attacks can be prioritized with...
Sun 31 May 2026
exploitation