You're reading from Windows and Linux Penetration Testing from Scratch Harness the power of pen testing with Kali Linux for unbeatable hard-hitting results

Product type Paperback

Published in Aug 2022

Publisher Packt

ISBN-13 9781801815123

Length 510 pages

Edition 2nd Edition

Languages

Scratch

Tools

Kali Linux

Concepts

Penetration Testing

Author (1):

Phil Bramwell

View More author details

Table of Contents (23) Chapters

Preface

1. Part 1: Recon and Exploitation

2. Chapter 1: Open Source Intelligence FREE CHAPTER

3. Chapter 2: Bypassing Network Access Control

4. Chapter 3: Sniffing and Spoofing

5. Chapter 4: Windows Passwords on the Network

6. Chapter 5: Assessing Network Security

7. Chapter 6: Cryptography and the Penetration Tester

8. Chapter 7: Advanced Exploitation with Metasploit

9. Part 2: Vulnerability Fundamentals

10. Chapter 8: Python Fundamentals

11. Chapter 9: PowerShell Fundamentals

12. Chapter 10: Shellcoding - The Stack

13. Chapter 11: Shellcoding – Bypassing Protections

14. Chapter 12: Shellcoding – Evading Antivirus

15. Chapter 13: Windows Kernel Security

16. Chapter 14: Fuzzing Techniques

17. Part 3: Post-Exploitation

18. Chapter 15: Going Beyond the Foothold

19. Chapter 16: Escalating Privileges

20. Chapter 17: Maintaining Access

21. Answers

22. Other Books You May Enjoy

Dancing in the shadows – looting domain controllers with vssadmin

So, you achieved domain administrator in your client’s environment. Congratulations! Now what?

In a section about pressing forward from initial compromise and a chapter about escalating privileges, we need a little outside-of-the-box thinking. We’ve covered a lot of technical ground, but don’t forget the whole idea – you’re conducting an assessment for a client, and the value of your results isn’t just a bunch of screenshots with green text in them. When you’re having a drink with your hacker friends and you tell them about your domain administrator compromise, they understand what that means. But when you’re presenting your findings for the executive management of a client? I’ve had countless executives ask me point-blank, so what? Shaking them by the shoulders while shouting I got domain admin by sniffing their printer isn’t going to convince...