🚩Post-Exploitation

Introduction To Post-Exploitation

  • Post-exploitation is the final phase of the penetration testing process and consists of the tactics, techniques and procedures that attackers/adversaries undertake after obtaining initial access on a target system.

  • In other words, post-exploitation involves what you do or have to do once you gain an initial foothold on the target system.

  • Post-exploitation will differ based on the target operating system as well as the target infrastructure.

  • The post-exploitation techniques and tools that you can use will depend on what kind of access you have on the system you have compromised as well as how stealthy you have to be.

  • This ultimately means that you will need to utilize different techniques and tools based on the target operating system and its configuration.

  • The post-exploitation techniques you can run against the target will need to abide by the rules of engagement agreed upon with the client you are performing the pentest for.

Note: When running post-exploitation techniques, make sure you have the necessary permissions and rights to modify services and system configurations, perform privilege escalation, delete logs, etc.

Post-Exploitation Methodology

  • In order to perform a thorough and complete post-exploitation phase, we need to utilize a structured methodology that encompasses the most important stages of post-exploitation that can be applied during engagements.

  • This structured, methodical approach ensures that we do not skip or overlook important stages of the post-exploitation phase, and it gives us trackable objectives for each stage.

Post-Exploitation Checklist

  1. Local Enumeration

  2. Transferring Files

  3. Upgrading Shells

  4. Privilege Escalation

  5. Persistence

  6. Dumping & Cracking Hashes

  7. Pivoting

  8. Clearing Your Tracks




Hacker's Mantra: Hackers are the architects of the digital world.
