Skip to main content
Once you have a shell on a Linux target, the goal is to understand what you have access to and escalate to root. These pages cover the standard privesc enumeration checklist and common post-exploitation tasks.

Privilege Escalation

SUID/SGID binaries, sudo misconfigs, cron jobs, writable paths, capabilities, kernel exploits, and enumeration tools (linpeas, pspy)

Post Exploitation

Credential hunting, lateral movement prep, persistence, and loot collection after root

First Things After Shell

Run these immediately on landing to orientate before going deeper: