Penetration testers and attackers alike use tools without understanding the impact or what is left behind. This presentation will look at a variety of different methodologies for delivering shells and then track the artifacts that are left behind. For attackers, we will be discussing some additional ways to limit your footprint. For defenders, we will highlight common areas for review and show patterns for a number of the most common ways of achieving shells. Along the way we will highlight the IOCs that will help defenders more easily identify the tools and methodologies used for attacks, as well as ways to limit their impact.