Post Exploitation

In order to move horizontally on the network we need to know as much about the machine as possible. We need to loot it. These are some things that must be done on every compromised machine.

Tcp dump

Who else is connected to the machine?

Dump the hashes

It is always good to have a list of all the hashes and crack them. Maybe someone is reusing the password.

To what is the machine connected?

netstat

ipconfig

Email and personal files

Logs

results matching ""

    No results matching ""