## pspy [GitHub - DominicBreuker/pspy: Monitor linux processes without root permissions](https://github.com/DominicBreuker/pspy) - pspy is a great little script that lets you look at process without root permissions, checking running process is an integral part of priv esc as well as learning what your victim does on the backend. ## AutoRecon [GitHub - Tib3rius/AutoRecon: AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.](https://github.com/Tib3rius/AutoRecon) - call me a script kiddie all day long, but using this tool has greatly increased my organization. It will create: ![[AutoReconOut.png]] - it then runs nmap scans, directory enumeration, as well as identifying some CVEs ## LinPEAS & WinPEAS [linPEAS](https://github.com/carlospolop/PEASS-ng/tree/master/linPEAS) [winPEAS](https://github.com/carlospolop/PEASS-ng/tree/master/winPEAS) What I love so much about these are: 1) verbosity of output -> as a learner actually seeing what is ran and reading output is extremely helpful to actually understand what is happening 2) each repo has different methods of getting the script onto the victim as well as getting it to run Be sure to tee the output, and exfiltrate the data if possible, to then read on the host machine as well as to review later