Summary
In this chapter, we focused on the fundamentals of exploitation and the different tools that convert findings from reconnaissance into a defined action that establishes the right connection between the tester and the target.
Kali provides several tools to facilitate the development, selection, and activation of exploits, including the internal Exploit-DB as well as several frameworks that simplify the use and management of these exploits. We took a deep dive into the MSF, using Armitage to manage multiple shells, and also learned how to compile different types of files from Exploit-DB into a real exploit.
We also focused on how to develop Windows exploits by identifying different fuzzing techniques. We also loaded the shell code into the custom exploits.
In the next chapter (Chapter 11, Action on the Objective and Lateral Movement), we will learn about the most important part of the attacker's kill chain as well as post-exploitation, privilege escalation, lateral movement in the network...