Post-Exploitation

Post-exploitation refers to the phase that occurs after an attacker or ethical hacker has successfully exploited a system. In this stage, the focus shifts from gaining access to maintaining control, gathering sensitive information, and further expanding influence over the target network or system.

Activities during post-exploitation often include privilege escalation, lateral movement to other systems, data extraction, persistence mechanisms, and creating backdoors for future access.

We can find some main components in this stage:

• Evasive Testing: Improve evasion skills understanding how and why the client detects behavior.

• Persistence: Maintaining access to the exploited host.

• Information Gathering: Comeback to compiling information about the internal resources of a host.

• Pillaging: Examine the role of the host in the network and the network configurations.

• Vulnerability Assessment: Make a review of internal vulnerabilities of the system and ways of exploitation.

• Privilege Escalation: Go from a lower permission account to a higher permission one.

• Data Exfiltration: Exfiltrate information about the target, the users, and any confidential information, and try to transfer it to our machine.