Post-Exploit Tasks for CompTIA PenTest+
This course (part 9 in the PenTest+ series) focuses on methods of evading security countermeasures, maintaining access and covering your tracks.
What you'll learn
You have identified the big computing assets that an enterprise wants to keep protected — networks, hosts, and applications — and have done what you can to exploit their vulnerability. This is the core phase of any penetration testing engagement, but you are not done. You need to engage in post-exploitation activities to escape security countermeasures and maintain a foothold in the organization, long though the main actions have been accomplished.
In this course, Post Exploit Tasks for CompTIA PenTest+, you will gain understanding of the steps and techniques that you can use during this phase and the engagement. First, you will learn different lateral movement techniques that allow you make the most impact of the exploits you have already discovered. Once you understand this, you will learn about pivoting through port forwarding, VPNs, SSH, and others. Next, you will explore the different ways you can maintain persistence within the target network without drawing much attention to your self. Finally, you will use specific anti-forensics techniques to avoid software that is designed to catch you and your activities
When you are finished with this course, you will have the skills and knowledge of penetration tester needed to complete your post-exploit tasks on any any engagement.
Software required: [software required.] *
- Setting up the Lab environment from the "Laying the Foundation for Penetration Testing for CompTIA PenTest+" course.
Table of contents
- Intro to Anti-foresnics 3m
- Anti-forensics Techniques: Buffer Overflows and Heap Spraying 2m
- Anti-forensics Techniques: Memory Resident and Program Packing 2m
- Anti-forensics Techniques: VM Detection and ADS 2m
- Clearing Your Tracks 3m
- More Covering Your Tracks 3m
- Shredding Files 2m
- Modifying Timestamps 2m