exec-interactive: label: Interactive description: It executes interactive commands that may be exploited to break out from restricted shells. exec-non-interactive: label: Non-interactive description: It executes non-interactive commands that may be exploited to break out from restricted shells. suid-enabled: label: SUID description: It runs with the SUID bit set and may be exploited to escalate or maintain the privileges working as a SUID backdoor. The `-p` option may be useless or even wrong for certain distributions like Debian that runs in privileged mode by default. suid-limited: label: Limited SUID description: It runs with the SUID bit set and may be exploited to escalate or maintain the privileges working as a SUID backdoor. This works if the default system shell doesn't drop the SUID privileges, which is usually only valid for Debian Linux systems (if that's the case don't use the `-p` option). sudo-enabled: label: Sudo description: It runs in privileged context and may be used to escalate or maintain privileges if enabled on `sudo`. download: label: Download description: It can download remote files. upload: label: Upload description: It can exfiltrate files on the network. bind-shell: label: Bind shell description: It can bind a shell to a local port to allow remote network access. reverse-shell: label: Reverse shell description: It can send back a reverse shell to a listening attacker to open a remote network access. load-library: label: Library load description: It loads shared libraries that may be used to run code in the binary execution context. bind-shell-non-interactive: label: Non-interactive bind shell description: It can bind a non-interactive shell to a local port to allow remote network access. reverse-shell-non-interactive: label: Non-interactive reverse shell description: It can send back a non-interactive reverse shell to a listening attacker to open a remote network access.