The Linux find command is a valuable tool and skill to quickly discover valuable files on a system. The commands below are some of the common ones I use on pentesting engagements:

find / -name *.txt                                                                           #Find all .txt files on the system
find / -name password*                                                                       #Find all files on the system starting with password
find . -type f -exec cat {} + | grep -a 'password'                                           #Find all files in a folder and its sub folders and cat them and grep for files containing the word password
find . -type f -exec cat {} + | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'    #Find all files in a folder and its sub folders and cat them and grep for files containing IP addresses
find / -type f -perm 0777                                                                    #Find all world writable files on the system
find / 2>>/dev/null | grep "shadow.bak"                                                      #Find backup file of the /etc/shadow file
find / 2>>/dev/null | grep -i "passwords"                                                    #Find a file called passwords
find / -xdev -type f -print0 2>/dev/null | xargs -0 grep -E '^[a-z0–9]{32}$' 2>/dev/null     #Searches the entire system for files containing a string of 32 characters containing letters and numbers
find / -type f -name *.xml                                                                   #Find all files only with the.xml extension
find /home -type f -iname "passwords.txt"                                                    #Find all files only in the home directory with the name passwords.txt 
find / -type d -name *exploits*                                                              #Find all directories containing the word exploits
find / -type f -user "admin"                                                                 #Find all files on the system owned by admin
find / -type f -group "admins" 2>/dev/null                                                   #Find all the files on the system owned by the group “admins”
find / -type f -size 150c                                                                    #Find all files on the system that are exactly 150 bytes (c = bytes;  k = KiB's;  M = MiB's)
find /home -type f -size -2k -name "*.txt"                                                   #Find all files in the home directory that end in .txt and are less than 2 kilobytes in size    
find / -type f -perm 644                                                                     #Find all files on the system that are readable and writable by the file owner (6) and readable by everybody else 4 & 4
find / -type f -perm 444                                                                     #Find all files on the system that are only readable by everybody (Octal format)
find / -type f -perm o=w -name "*.sh"                                                        #Find all the files on the system where the group “Others” has write permissions on files ending .sh  (symbolic format)
find /usr/bin -type f -user root -perm /u=s                                                  #Find all files in the /usr/bin directory (recursive) that are owned by root and have at least the SUID permission (symbolic format)                                              
find / -type f -atime -10 -name "*.png"                                                      #Find all files ending with extensin .png that have not been accessed in the last 10 days  (a = accessed; m = modified; c = status changed)
find /usr/bin -type f -mmin -120                                                             #Find all files in the directory /usr/bin that have not been modified in the last 2 hours
find ~/workflows -type f -newermt 2016-09-11 ! -newermt 2025-09-13 2>/dev/null               #Find files in a specific directory that was modified on the 2025-09-12