Documentation Index
Fetch the complete documentation index at: https://docs.bytejmp.com/llms.txt
Use this file to discover all available pages before exploring further.
Identity
uname -a
cat /etc/os-release
cat /proc/version
hostnamectl
arch
Users & Groups
cat /etc/passwd
cat /etc/passwd | grep -v nologin | grep -v false
cat /etc/group
last
w
Users with Shell
grep -E '/bin/(bash|sh|zsh)' /etc/passwd
Network
ip a
ip route
ss -tlnp
netstat -tlnp
cat /etc/resolv.conf
cat /etc/hosts
arp -a
Running Processes
ps aux
ps aux | grep root
Watch for Processes (pspy)
# Download pspy
https://github.com/DominicBreuker/pspy/releases
./pspy64
Cron Jobs
crontab -l
ls -la /etc/cron*
cat /etc/crontab
systemctl list-timers
SUID / SGID
find / -perm -4000 -type f 2>/dev/null
find / -perm -2000 -type f 2>/dev/null
find / -perm -u=s -type f 2>/dev/null
Capabilities
Sudo
Writable Directories & Files
find / -writable -type d 2>/dev/null
find / -writable -type f 2>/dev/null | grep -v proc
World-writable Files Owned by Root
find / -writable -user root -type f 2>/dev/null | grep -v proc
Installed Software
dpkg -l
rpm -qa
apt list --installed 2>/dev/null
Drives & Mounts
df -h
mount
cat /etc/fstab
lsblk
SSH Keys
find / -name "id_rsa" -o -name "id_ed25519" -o -name "authorized_keys" 2>/dev/null
ls -la /home/*/.ssh/
ls -la /root/.ssh/ 2>/dev/null
Interesting Files
find / -name "*.conf" -o -name "*.config" -o -name "*.bak" -o -name "*.old" -o -name "*.txt" 2>/dev/null | grep -v proc | grep -v sys
History Files
cat ~/.bash_history
cat ~/.zsh_history
find / -name "*history" -type f 2>/dev/null
Config Files with Passwords
grep -ri "password" /etc/ 2>/dev/null
grep -ri "pass" /var/www/ 2>/dev/null
grep -ri "DB_PASSWORD" / 2>/dev/null | grep -v proc
Kernel Exploit Check
uname -r
cat /proc/version
Docker / LXD
id | grep -i docker
id | grep -i lxd
ls -la /var/run/docker.sock