Hello and welcome to another Penetration, testing, execution Standard discussion. Today we're going to do our overview of the post exploitation section of the Pee test standard. So jumping right in the first thing we're going to do is look at the purpose of the post exploitation section
and what should not be done in post exploitation.
We're going to reiterate rules of engagement within post exploitation, protecting the client and protecting yourself for some best practice areas that we're gonna focus on.
We're gonna jump into infrastructure analysis. You know, looking at areas like reviewing network configurations such as interfaces. Rounding Deanna Server's Cache, D. N s entries and review of network service is as a part of the post exploitation section.
We're going to get into pillaging, which is a little extensive, but we'll talk about what that is in all of the different areas that will want to review within pillaging.
We're going to get into high value and profile targets what they are, why they should be sought and what precautions we should take when
looking at these particular target types. Then we'll discuss data exfiltration and a review of mapping possible ex filtration paths will review testing, ex filtration pants and measuring control strengths that are currently implemented to try and prevent data exfiltration from the environment.
Well, then, look at persistence and we'll discuss installation of backdoors, installation and or modification of service is
and discuss The creation of accounts will then do further penetration into infrastructure, where we'll talk about pivoting from compromise system pivoting and through compromise system pivoting. And then we'll discuss the all important cleanup. Why we do it and a few examples steps.
So with that in mind, I'm excited to go ahead and jump in to post exploitation.