Chapter 9. Post-Exploitation
Post-exploitation is an often overlooked aspect of penetration testing. In the past, many even considered the job to be complete the moment that shell access is gained on a remote target machine. Goal-oriented pentesting will require more than this. There must be a specific goal, such as accessing a critical database or obtaining key credentials that will allow an attacker to read private corporate e-mails, for the penetration test to be of value. Business owners and managers are concerned with protecting the confidentiality, integrity, and availability of their assets and data. Reporting that a random system was easily compromised means very little compared to providing tangible proof that an attacker could effortlessly ...
Get Advanced Penetration Testing for Highly-Secured Environments - Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.