I've had a private list of commands that I run on Windows or Linux when I pop a shell, as I'm sure most pentesters do. It isn't so much a thing of hoarding as much it is just jumbled notes that are 'not worth posting'
Well, I made two (now 3) public google docs (anyone can edit) *don't be a dick clause
Linux/Unix/BSD Post Exploitation:
Windows Post Exploitation:
OSX Post Exploitation:
and the newly added Obsucure Syststem's Post Exploitation:
and Metasploit Post Exploitation:
Both have filled out A LOT since I first posted them but if you have that one trick command you'd like to share or just want to copy/print the list for your own uses, thats fine too. I plan to keep these publicly editable as long as people obey the DBAD clause.
If you don't know any cool commands but happen to be a tech writer and can make it look beautiful, then great! Please do. There are tables at the bottom that I want to move everything to, or something like it, but if you can do it better...
Anyways, look forward to seeing how this thing grows.