Kali Linux

  1. The Kali Linux Toolkit: Post-Exploitation
    1. Post-Exploitation Fundamentals
      1. Post-Exploitation Objectives
        1. Maintaining Access
        2. Information Gathering
        3. Lateral Movement
        4. Data Exfiltration
      2. Privilege Escalation
        1. Linux Privilege Escalation
          1. SUID/SGID Exploitation
          2. Kernel Exploits
          3. Service Misconfigurations
          4. Cron Job Exploitation
          5. Environment Variable Manipulation
          6. Sudo Misconfigurations
        2. Windows Privilege Escalation
          1. Token Impersonation
          2. Service Account Exploitation
          3. Registry Exploitation
          4. DLL Hijacking
          5. Unquoted Service Paths
          6. Always Install Elevated
        3. Privilege Escalation Tools
          1. LinEnum
          2. linux-exploit-suggester
          3. Windows-Exploit-Suggester
          4. PowerUp
          5. BeRoot
      3. Persistence Mechanisms
        1. Linux Persistence
          1. Cron Jobs
          2. Startup Scripts
          3. Service Creation
          4. SSH Key Installation
          5. Backdoor Accounts
        2. Windows Persistence
          1. Registry Modifications
          2. Scheduled Tasks
          3. Service Installation
          4. WMI Event Subscriptions
          5. DLL Hijacking
        3. Web Application Persistence
          1. Web Shells
          2. Backdoor Scripts
          3. Database Triggers
      4. Lateral Movement
        1. Network Pivoting
          1. Proxychains
            1. Configuration
            2. SOCKS Proxy Setup
            3. Chain Types
          2. SSH Tunneling
            1. Local Port Forwarding
            2. Remote Port Forwarding
            3. Dynamic Port Forwarding
          3. Metasploit Pivoting
            1. Route Addition
            2. Port Forwarding
            3. SOCKS Proxy
        2. Credential Harvesting
          1. Memory Dumping
          2. Password File Extraction
          3. Browser Credential Extraction
          4. Network Credential Sniffing
        3. Pass-the-Hash Attacks
        4. Golden Ticket Attacks
        5. Silver Ticket Attacks
      5. Data Collection and Exfiltration
        1. System Information Gathering
          1. Operating System Details
          2. Network Configuration
          3. Installed Software
          4. Running Processes
          5. User Accounts
        2. File System Analysis
          1. Sensitive File Location
          2. Database Files
          3. Configuration Files
          4. Log Files
        3. Data Exfiltration Techniques
          1. HTTP/HTTPS Exfiltration
          2. DNS Exfiltration
          3. Email Exfiltration
          4. FTP/SFTP Transfer
          5. Covert Channels
        4. Data Exfiltration Tools
          1. File Transfer Utilities
          2. Compression Tools
          3. Encryption Tools
      6. Anti-Forensics Techniques
        1. Log Manipulation
          1. Event Log Clearing
          2. Log File Modification
          3. Timestamp Manipulation
        2. File System Manipulation
          1. File Deletion
          2. Secure Deletion
          3. File Attribute Modification
        3. Network Trace Removal
          1. Connection Log Clearing
          2. Network Configuration Reset
        4. Registry Cleanup
          1. Registry Key Deletion
          2. Registry Value Modification
      7. Command and Control
        1. C2 Frameworks
          1. Metasploit C2
          2. Cobalt Strike
          3. Empire
          4. Covenant
        2. Communication Channels
          1. HTTP/HTTPS
          2. DNS
          3. Social Media
          4. Cloud Services
        3. Beacon Configuration
          1. Check-in Intervals
          2. Jitter Settings
          3. Sleep Modes