Post-Exploitation

Post-exploitation refers to the phase that occurs after an attacker or ethical hacker has successfully exploited a system. In this stage, the focus shifts from gaining access to maintaining control, gathering sensitive information, and further expanding influence over the target network or system.

Activities during post-exploitation often include privilege escalation, lateral movement to other systems, data extraction, persistence mechanisms, and creating backdoors for future access.

The main components of this stage are:

  • Evasive Testing: Improve evasion skills by understanding how and why the client detects our behavior

  • Persistence: Maintaining access to the exploited host

  • Information Gathering: Return to compiling information about the internal resources of a host

  • Pillaging: Examine the role of the host in the network and the network configurations

  • Vulnerability Assessment: Review the internal vulnerabilities of the system and the ways they could be exploited

  • Privilege Escalation: Go from a lower permission account to a higher permission one

  • Data Exfiltration: Exfiltrate information about the target, the users, and any confidential information, and try to transfer it to our machine
