Navigation : Reconnaissance Enumeration Exploitation Post-Exploitation - Post-Exploitation Unix -- File transfer -- Privilege escalation -- Collect credentials -- Persistence - Post-Exploitation Windows - Pivoting / tunneling - Password cracking Web Wi-Fi Physical access Misc Forensic Collect credentials Tools https://github.com/0xmitsurugi/gimmecredz Crack Shadow cp /etc/passwd . cp /etc/shadow . unshadow passwd shadow > unshadowed john --format=md5crypt unshadowed Keystore keytool -list -v -keystore keystore.jks Privilege escalation Persistence