Local Enumeration helpers (post-exploit)
Quick commands to gather local information (when you have a shell).
id
Display current user and groups.
uname -e
Show kernel and system information.
ps aux | egrep 'ssh|nc|python|perl'
Looks for running processes you might pivot through.
ss -tulpen
List listening sockets, owners and PIDs.
sudo -l
Checks what current user can run sudo (prime privilege escalation check).
cat /etc/passwd
List local users (for privilege escalation & lateral movement).
find / -perm -4000 -type f 2>/dev/null
Find SUID binaries that might be abused for escalation.