December 20, 2017 · 6 min · 1267 words · Etienne Stalmans Recently I was doing an assessment in a locked down and restricted environment. One of the first actions you tend to do when landing a shell on a [linux] box is to do some reconnaissance. This is both on host and network, as you want to determine what new access this host has given you. Normally you would run netstat, ifconfig, ip route etc