In this chapter, we focused on the fundamentals of exploitation and the different tools that convert findings from reconnaissance into a defined action that establishes the right connection between the tester and the target.
Kali provides several tools to facilitate the development, selection, and activation of exploits, including the internal Exploit-DB database, as well as several frameworks that simplify the use and management of the exploits. We took a deep dive into the Metasploit Framework, used Armitage to manage multiple shells, and we also learned how to compile different types of files from Exploit-DB into a real exploit.
We also focused on the how to develop Windows exploits by identifying the different fuzzing techniques and loading the shell code into the custom exploits.
In the next chapter (Chapter 12, Action on the Objective), we will learn about the most...
