diff --git a/Methodology and Resources/Metasploit - Cheatsheet.md b/Methodology and Resources/Metasploit - Cheatsheet.md index 4ce0db7..3fb5bad 100644 --- a/Methodology and Resources/Metasploit - Cheatsheet.md +++ b/Methodology and Resources/Metasploit - Cheatsheet.md @@ -10,6 +10,7 @@ * [Meterpreter Webdelivery](#meterpreter-webdelivery) * [Get System](#get-system) * [Persistence Startup](#persistence-startup) + * [Network Monitoring](#network-monitoring) * [Portforward](#portforward) * [Upload / Download](#upload---download) * [Execute from Memory](#execute-from-memory) @@ -130,6 +131,16 @@ OPTIONS: meterpreter > run persistence -U -p 4242 ``` +### Network Monitoring + +```powershell +# list interfaces +run packetrecorder -li + +# record interface n°1 +run packetrecorder -i 1 +``` + ### Portforward ```powershell diff --git a/Methodology and Resources/Network Discovery.md b/Methodology and Resources/Network Discovery.md index ab07f1a..10a6b63 100644 --- a/Methodology and Resources/Network Discovery.md +++ b/Methodology and Resources/Network Discovery.md 
@@ -103,8 +103,21 @@ List Nmap scripts : ls /usr/share/nmap/scripts/ masscan -iL ips-online.txt --rate 10000 -p1-65535 --only-open -oL masscan.out masscan -e tun0 -p1-65535,U:1-65535 10.10.10.97 --rate 1000 -masscan --rate 500 --interface tap0 --router-ip $ROUTER_IP --top-ports 100 $NETWORK -oL masscan_machines.tmp -masscan --rate 1000 --interface tap0 --router-ip $ROUTER_IP -p1-65535,U:1-65535 $MACHINE_IP --banners -oL $MACHINE_IP/scans/masscan-ports.lst +# find machines on the network +sudo masscan --rate 500 --interface tap0 --router-ip $ROUTER_IP --top-ports 100 $NETWORK -oL masscan_machines.tmp +cat masscan_machines.tmp | grep open | cut -d " " -f4 | sort -u > masscan_machines.lst + +# find open ports for one machine +sudo masscan --rate 1000 --interface tap0 --router-ip $ROUTER_IP -p1-65535,U:1-65535 $MACHINE_IP --banners -oL $MACHINE_IP/scans/masscan-ports.lst + + +# TCP grab banners and services informations +TCP_PORTS=$(cat $MACHINE_IP/scans/masscan-ports.lst| grep open | grep tcp | cut -d " " -f3 | tr '\n' ',' | head -c -1) +[ "$TCP_PORTS" ] && sudo nmap -sT -sC -sV -v -Pn -n -T4 -p$TCP_PORTS --reason --version-intensity=5 -oA $MACHINE_IP/scans/nmap_tcp $MACHINE_IP + +# UDP grab banners and services informations +UDP_PORTS=$(cat $MACHINE_IP/scans/masscan-ports.lst| grep open | grep udp | cut -d " " -f3 | tr '\n' ',' | head -c -1) +[ "$UDP_PORTS" ] && sudo nmap -sU -sC -sV -v -Pn -n -T4 -p$UDP_PORTS --reason --version-intensity=5 -oA $MACHINE_IP/scans/nmap_udp $MACHINE_IP ``` ## Reconnoitre diff --git a/Methodology and Resources/Network Pivoting Techniques.md b/Methodology and Resources/Network Pivoting Techniques.md index 4f05b02..ebc262e 100644 --- a/Methodology and Resources/Network Pivoting Techniques.md +++ b/Methodology and Resources/Network Pivoting Techniques.md 
@@ -195,10 +195,17 @@ python client.py --server-ip [server ip] --server-port 9443 --ntlm-proxy-ip [pro ## plink ```powershell -plink -l root -pw toor ssh-server-ip -R 3390:127.0.0.1:3389 --> exposes the RDP port of the machine in the port 3390 of the SSH Server +# exposes the SMB port of the machine in the port 445 of the SSH Server +plink -l root -pw toor -R 445:127.0.0.1:445 +# exposes the RDP port of the machine in the port 3390 of the SSH Server +plink -l root -pw toor ssh-server-ip -R 3390:127.0.0.1:3389 + plink -l root -pw mypassword 192.168.18.84 -R plink.exe -v -pw mypassword user@10.10.10.10 -L 6666:127.0.0.1:445 + plink -R [Port to forward to on your VPS]:localhost:[Port to forward on your local machine] [VPS IP] +# redirects the Windows port 445 to Kali on port 22 +plink -P 22 -l root -pw some_password -C -R 445:127.0.0.1:445 192.168.12.185 ``` ## ngrok diff --git a/Methodology and Resources/Windows - Privilege Escalation.md b/Methodology and Resources/Windows - Privilege Escalation.md index 9401316..84d92b6 100644 --- a/Methodology and Resources/Windows - Privilege Escalation.md +++ b/Methodology and Resources/Windows - Privilege Escalation.md @@ -490,7 +490,8 @@ net start upnphost sc config upnphost depend="" ``` -Using [`accesschk`](https://web.archive.org/web/20080530012252/http://live.sysinternals.com/accesschk.exe) from Sysinternals. +Using [`accesschk`](https://web.archive.org/web/20080530012252/http://live.sysinternals.com/accesschk.exe) from Sysinternals or [accesschk-XP.exe - github.com/phackt](https://github.com/phackt/pentest/blob/master/privesc/windows/accesschk-XP.exe) + ```powershell $ accesschk.exe -uwcqv "Authenticated Users" * /accepteula RW SSDPSRV @@ -588,7 +589,6 @@ Check if these registry values are set to "1". ```bat $ reg query HKCU\SOFTWARE\Policies\Microsoft\Windows\Installer /v AlwaysInstallElevated - $ reg query HKLM\SOFTWARE\Policies\Microsoft\Windows\Installer /v AlwaysInstallElevated ``` 
diff --git a/Upload Insecure Files/CVE Image Tragik/README.md b/Upload Insecure Files/Picture Image Magik/README.md similarity index 100% rename from Upload Insecure Files/CVE Image Tragik/README.md rename to Upload Insecure Files/Picture Image Magik/README.md diff --git a/Upload Insecure Files/CVE Image Tragik/imagemagik_ghostscript_reverse_shell.jpg b/Upload Insecure Files/Picture Image Magik/imagemagik_ghostscript_reverse_shell.jpg similarity index 100% rename from Upload Insecure Files/CVE Image Tragik/imagemagik_ghostscript_reverse_shell.jpg rename to Upload Insecure Files/Picture Image Magik/imagemagik_ghostscript_reverse_shell.jpg diff --git a/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_imageover_file_exfiltration_pangu_wrapper.jpg b/Upload Insecure Files/Picture Image Magik/imagetragik1_payload_imageover_file_exfiltration_pangu_wrapper.jpg similarity index 100% rename from Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_imageover_file_exfiltration_pangu_wrapper.jpg rename to Upload Insecure Files/Picture Image Magik/imagetragik1_payload_imageover_file_exfiltration_pangu_wrapper.jpg diff --git a/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_imageover_file_exfiltration_text_wrapper.jpg b/Upload Insecure Files/Picture Image Magik/imagetragik1_payload_imageover_file_exfiltration_text_wrapper.jpg similarity index 100% rename from Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_imageover_file_exfiltration_text_wrapper.jpg rename to Upload Insecure Files/Picture Image Magik/imagetragik1_payload_imageover_file_exfiltration_text_wrapper.jpg 
diff --git a/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_imageover_reverse_shell_devtcp.jpg b/Upload Insecure Files/Picture Image Magik/imagetragik1_payload_imageover_reverse_shell_devtcp.jpg similarity index 100% rename from Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_imageover_reverse_shell_devtcp.jpg rename to Upload Insecure Files/Picture Image Magik/imagetragik1_payload_imageover_reverse_shell_devtcp.jpg diff --git a/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_imageover_reverse_shell_netcat_fifo.png b/Upload Insecure Files/Picture Image Magik/imagetragik1_payload_imageover_reverse_shell_netcat_fifo.png similarity index 100% rename from Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_imageover_reverse_shell_netcat_fifo.png rename to Upload Insecure Files/Picture Image Magik/imagetragik1_payload_imageover_reverse_shell_netcat_fifo.png diff --git a/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_imageover_wget.gif b/Upload Insecure Files/Picture Image Magik/imagetragik1_payload_imageover_wget.gif similarity index 100% rename from Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_imageover_wget.gif rename to Upload Insecure Files/Picture Image Magik/imagetragik1_payload_imageover_wget.gif diff --git a/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_url_bind_shell_nc.mvg b/Upload Insecure Files/Picture Image Magik/imagetragik1_payload_url_bind_shell_nc.mvg similarity index 100% rename from Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_url_bind_shell_nc.mvg rename to Upload Insecure Files/Picture Image Magik/imagetragik1_payload_url_bind_shell_nc.mvg 
diff --git a/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_url_curl.png b/Upload Insecure Files/Picture Image Magik/imagetragik1_payload_url_curl.png similarity index 100% rename from Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_url_curl.png rename to Upload Insecure Files/Picture Image Magik/imagetragik1_payload_url_curl.png diff --git a/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_url_portscan.jpg b/Upload Insecure Files/Picture Image Magik/imagetragik1_payload_url_portscan.jpg similarity index 100% rename from Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_url_portscan.jpg rename to Upload Insecure Files/Picture Image Magik/imagetragik1_payload_url_portscan.jpg diff --git a/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_url_remote_connection.mvg b/Upload Insecure Files/Picture Image Magik/imagetragik1_payload_url_remote_connection.mvg similarity index 100% rename from Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_url_remote_connection.mvg rename to Upload Insecure Files/Picture Image Magik/imagetragik1_payload_url_remote_connection.mvg diff --git a/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_url_reverse_shell_bash.mvg b/Upload Insecure Files/Picture Image Magik/imagetragik1_payload_url_reverse_shell_bash.mvg similarity index 100% rename from Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_url_reverse_shell_bash.mvg rename to Upload Insecure Files/Picture Image Magik/imagetragik1_payload_url_reverse_shell_bash.mvg diff --git a/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_url_touch.jpg b/Upload Insecure Files/Picture Image Magik/imagetragik1_payload_url_touch.jpg similarity index 100% rename from Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_url_touch.jpg rename to Upload Insecure Files/Picture Image Magik/imagetragik1_payload_url_touch.jpg 
diff --git a/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_xml_reverse_shell_nctraditional.xml b/Upload Insecure Files/Picture Image Magik/imagetragik1_payload_xml_reverse_shell_nctraditional.xml similarity index 100% rename from Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_xml_reverse_shell_nctraditional.xml rename to Upload Insecure Files/Picture Image Magik/imagetragik1_payload_xml_reverse_shell_nctraditional.xml diff --git a/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_xml_reverse_shell_netcat_encoded.xml b/Upload Insecure Files/Picture Image Magik/imagetragik1_payload_xml_reverse_shell_netcat_encoded.xml similarity index 100% rename from Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_xml_reverse_shell_netcat_encoded.xml rename to Upload Insecure Files/Picture Image Magik/imagetragik1_payload_xml_reverse_shell_netcat_encoded.xml diff --git a/Upload Insecure Files/CVE Image Tragik/imagetragik2_burpcollaborator_passwd.jpg b/Upload Insecure Files/Picture Image Magik/imagetragik2_burpcollaborator_passwd.jpg similarity index 100% rename from Upload Insecure Files/CVE Image Tragik/imagetragik2_burpcollaborator_passwd.jpg rename to Upload Insecure Files/Picture Image Magik/imagetragik2_burpcollaborator_passwd.jpg diff --git a/Upload Insecure Files/CVE Image Tragik/imagetragik2_centos_id.jpg b/Upload Insecure Files/Picture Image Magik/imagetragik2_centos_id.jpg similarity index 100% rename from Upload Insecure Files/CVE Image Tragik/imagetragik2_centos_id.jpg rename to Upload Insecure Files/Picture Image Magik/imagetragik2_centos_id.jpg diff --git a/Upload Insecure Files/CVE Image Tragik/imagetragik2_ubuntu_id.jpg b/Upload Insecure Files/Picture Image Magik/imagetragik2_ubuntu_id.jpg similarity index 100% rename from Upload Insecure Files/CVE Image Tragik/imagetragik2_ubuntu_id.jpg rename to Upload Insecure Files/Picture Image Magik/imagetragik2_ubuntu_id.jpg 
diff --git a/Upload Insecure Files/CVE Image Tragik/imagetragik2_ubuntu_shell.jpg b/Upload Insecure Files/Picture Image Magik/imagetragik2_ubuntu_shell.jpg similarity index 100% rename from Upload Insecure Files/CVE Image Tragik/imagetragik2_ubuntu_shell.jpg rename to Upload Insecure Files/Picture Image Magik/imagetragik2_ubuntu_shell.jpg diff --git a/Upload Insecure Files/CVE Image Tragik/imagetragik2_ubuntu_shell2.jpg b/Upload Insecure Files/Picture Image Magik/imagetragik2_ubuntu_shell2.jpg similarity index 100% rename from Upload Insecure Files/CVE Image Tragik/imagetragik2_ubuntu_shell2.jpg rename to Upload Insecure Files/Picture Image Magik/imagetragik2_ubuntu_shell2.jpg
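Review bot: in the `### Network Monitoring` hunk of `Metasploit - Cheatsheet.md`, the new fence is tagged `powershell` although `run packetrecorder -li` and `run packetrecorder -i 1` are Meterpreter console commands; this matches the neighbouring `Persistence Startup` block, but the comment `# record interface n°1` should read `# record interface 1`, since the value passed to `-i` is the index shown by the `-li` listing and the `n°` notation is not used anywhere else in the file.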
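Review bot: `head -c -1` in the `TCP_PORTS=` and `UDP_PORTS=` lines of the `Network Discovery.md` hunk is a GNU coreutils extension (negative byte count) and fails on BSD/macOS `head`; `paste -sd, -` or `sed 's/,$//'` strips the trailing comma portably. The `-oL $MACHINE_IP/scans/masscan-ports.lst` line also assumes `$MACHINE_IP/scans` already exists, so a `mkdir -p $MACHINE_IP/scans` before it would avoid the write failing. The `cat ... | grep open` pipelines can read the file directly (`grep open $MACHINE_IP/scans/masscan-ports.lst`), and `services informations` in both comments should read `service information`.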
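Review bot: the first added line of the `plink` hunk, `plink -l root -pw toor -R 445:127.0.0.1:445`, has no SSH server host, so plink has nothing to connect to; it should end with `ssh-server-ip` like the RDP line directly below it. The comment on the last added line, `# redirects the Windows port 445 to Kali on port 22`, is misleading: `-P 22` is the SSH port used to reach 192.168.12.185, and the forward is `445:127.0.0.1:445`, so Windows port 445 is exposed on Kali's port 445, not 22. Both `exposes ... in the port` comments also read more naturally as `exposes ... on port`.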
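Review bot: the new `accesschk-XP.exe` link in the `Windows - Privilege Escalation.md` hunk points at `blob/master` of a personal repository, so the binary it resolves to can change at any time; link to a specific commit (or record the expected hash beside the link) so readers can verify what they download, in the same spirit as the archive.org snapshot used for the Sysinternals copy. The rewritten sentence also lost its closing period and gained a stray blank line before the fence.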
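Review bot: the rename target directory `Picture Image Magik` misspells ImageMagick and drops the ImageTragick name that every moved payload file (`imagetragik1_*`, `imagetragik2_*`) still carries, so searching the repository for the vulnerability's nickname no longer finds the directory; `Picture ImageMagick` or keeping `ImageTragick` in the directory name would be clearer. Any links elsewhere in the repository to `Upload Insecure Files/CVE Image Tragik/` will also need updating, since this patch contains no such change.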