I’ve had a private list of commands that I run on Windows or Linux when I pop a shell, as I’m sure most pentesters do. It isn’t so much a thing of hoarding as much it is just jumbled notes that are ‘not worth posting’
Well, I made two (now 3) public google docs (anyone can edit) *don’t be a dick clause
Linux/Unix/BSD Post Exploitation: https://docs.google.com/document/d/1ObQB6hmVvRPCgPTRZM5NMH034VDM-1N-EWPRz2770K4/edit?hl=en_US
Windows Post Exploitation: https://docs.google.com/document/d/1U10isynOpQtrIK6ChuReu-K1WHTJm4fgG3joiuz43rw/edit?hl=en_US
OSX Post Exploitation: https://docs.google.com/document/d/10AUm_zUdAQGgoHNo_eS0SO1K-24VVYnulUD2x3rJD3k/edit?hl=en_US
and the newly added Obsucure Syststem’s Post Exploitation: https://docs.google.com/document/d/1CIs6O1kMR-bXAT80U6Jficsqm0yR5dKUfUQgwiIKzgc/edit
and Metasploit Post Exploitation: https://docs.google.com/document/d/1ZrDJMQkrp_YbU_9Ni9wMNF2m3nIPEA_kekqqqA2Ywto/edit
Both have filled out A LOT since I first posted them but if you have that one trick command you’d like to share or just want to copy/print the list for your own uses, thats fine too. I plan to keep these publicly editable as long as people obey the DBAD clause.
If you don’t know any cool commands but happen to be a tech writer and can make it look beautiful, then great! Please do. There are tables at the bottom that I want to move everything to, or something like it, but if you can do it better…
Anyways, look forward to seeing how this thing grows.