Penetration Testing

Getting user.txt is just the beginning. Here’s how I hunt for privilege escalation paths on Linux boxes — what I check, how I think, and why it still stumps me sometimes.

Understand what shells really are, how they evolved, why they matter, and how different types like reverse shells and webshells work.

After exploring XSS in Part 1, we now dive into server-side command injection, shell behavior, piping, and classic reverse shell tactics.

Lab setup with Kali and Metasploitable 2, safe networking configuration, and a proper starting point for reflected XSS.