Post-Exploitation
Post-exploitation refers to the phase that occurs after an attacker or ethical hacker has successfully exploited a system. In this stage, the focus shifts from gaining access to maintaining control, gathering sensitive information, and further expanding influence over the target network or system.

Activities during post-exploitation often include privilege escalation, lateral movement to other systems, data extraction, persistence mechanisms, and creating backdoors for future access.
We can find some main components in this stage:
Evasive Testing: Improve evasion skills, understanding how and why the client detects behavior
Persistence: Maintaining access to the exploited host
Information Gathering: Comeback to compiling information about the internal resources of a host
Pillaging: Examine the role of the host in the network and the network configurations
Vulnerability Assessment: Make a review of internal vulnerabilities of the system and ways of exploitation
Privilege Escalation: Go from a lower permission account to a higher permission one
Data Exfiltration: Exfiltrate information about the target, the users, and any confidential information, and try to transfer it to our machine
Last updated