README.md

@@ -44,11 +44,11 @@ sudo nmap -sSV -oA OUTPUTFILE -T4 -iL INPUTFILE.csv
 * CTF Scan
 ```
 nmap -sV -sC -oA nmap/basic IP
-
-• -sV : Probe open ports to determine service/version info
-• -sC : to enable the script
-• -oA : to save the results
 ```
+  * -sV : Probe open ports to determine service/version info
+  * -sC : to enable the script
+  * -oA : to save the results
+
 After this quick command you can add "-p-" to run a full scan while you work with the previous result
 ```
 nmap -sV -sC -oA -p- nmap/initial IP
@@ -57,10 +57,10 @@ nmap -sV -sC -oA -p- nmap/initial IP
 * Aggressive Nmap
 ```
 nmap -A -T4 scanme.nmap.org
-
-• -A: Enable OS detection, version detection, script scanning, and traceroute
-• -T4: Defines the timing for the task (options are 0-5 and higher is faster)
 ```
+  * -A: Enable OS detection, version detection, script scanning, and traceroute
+  * -T4: Defines the timing for the task (options are 0-5 and higher is faster)
+
 
 * Masscan
 
@@ -84,14 +84,10 @@ masscan IP -p 1-65535 --rate 100 -oX masscan.xml
 ```
 
 
-## Stage 2 - Attacking
+## Stage 2 - Foothold
 
 ### Get a Shell
 
-
-
-
-
 To check if the shell is a tty shell, just enter tty command like the following.
 
 ```bash
@@ -111,45 +107,48 @@ This is the most popular method for spawning a tty shell. The target server shou
 ```
 python -c "import pty;pty.spawn('/bin/bash')"
 ```
- 
-Echo:
 ```
+  * Echo:
+
 echo 'os.system('/bin/bash')'
 ```
- 
-sh:
 ```
+  * sh:
+
 /bin/sh -i
 ```
  
-Bash:
+  * Bash:
 ```
 /bin/bash -i
 ```
  
-Perl:
+  * Perl:
 ```
 perl -e 'exec "/bin/sh";'
 ```
  
-Ruby:
+  * Ruby:
 ```
 ruby: exec "/bin/sh"
 ```
  
-Lua:
+  * Lua:
 ```
 lua: os.execute('/bin/sh')
 ```
  
-From within vi:
+  * From within vi:
 ```
 :!bash
 
 :set shell=/bin/bash:shell
 ```
  
-From within nmap:
+  * From within nmap:
 ```
 !sh
 ```
+
+
+