Post-Exploitation
Post-exploitation is the phase in which you establish persistent access so that you do not rely on a single entry point. The aim is to be able to access the environment whenever you want over an extended period. Note that this phase happens after the initial exploitation of the target machine. In this phase, attackers install backdoors, escalate privileges, move laterally within the environment, and plant rootkits in the targeted environment.
Because our focus is on maintaining access, this chapter covers the following main topics:
- Privilege escalation
- Lateral movement
- Backdoors and Trojan horses
- Rootkits
- Maintaining access in a cloud environment
- Maintaining access exercises and best practices