Basic enumeration checklist

Basic priorities

  • hostname (what is this machine)

  • uname -a (same, but with more OS detail)

  • id (who am I and what groups am I a part of)

  • /etc/passwd (can be piped into cut -d ":" -f 1 to output usernames only, or piped into grep home to identify users that aren't service accounts)

  • sudo -l to check what we can execute with privileges

  • ifconfig & ip route (what is this machine connected to)

  • netstat (-a for all connections, -l for listening ones, -p to show the processes, -i to show stats by interface)

  • ps (-A to show all running processes, -axjf to visualize the process tree, and -aux to see all of them including the ones not attached to a terminal)

  • ls -la to list every file in the directory, hidden ones included

  • env to show environment variables

  • /proc/version & /etc/issue (potential additional details about the OS)

  • history

  • find (basic syntax is find [directory] options. -name to search for specific files or with a wildcard pattern, -type to specify directories or files, -perm for permissions, -user to specify ownership, -size is self-explanatory)
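
The /etc/passwd step above, as an added example that is not part of the original checklist: it compares the quick `grep home` filter with a field-aware filter on the home directory and login shell, and lists every UID 0 account. The sample data is constructed and the function names are hypothetical; each function reads passwd(5)-format lines on stdin.

```shell
#!/bin/sh
# Added example. Constructed sample in passwd(5) format, not from a real host.
sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
syslog:x:104:110:home logging:/home/syslog:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/bin/zsh
EOF
}

# Usernames only, exactly as the checklist describes.
list_users() {
    cut -d ":" -f 1
}

# The checklist's quick filter: any line containing "home".
# It also matches service accounts whose comment or home path contains "home".
grep_home_users() {
    grep home | cut -d ":" -f 1
}

# Field-aware filter: home directory (field 6) under /home and a
# login shell (field 7) that is not nologin or false.
interactive_users() {
    awk -F: '$6 ~ /^\/home\// && $7 !~ /(nologin|false)$/ { print $1 }'
}

# Every account with UID 0 (field 3); anything besides root deserves review.
uid0_users() {
    awk -F: '$3 == 0 { print $1 }'
}

echo "grep home:";   sample_passwd | grep_home_users
echo "interactive:"; sample_passwd | interactive_users
echo "uid 0:";       sample_passwd | uid0_users
```

On a real host, feed the functions with `cat /etc/passwd | interactive_users` instead of the sample.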
