Post-Exploitation involves all of the steps that take place once you’ve gained access to a target system. In most cases, you’ll begin with a low-privilege account, and the majority of your post-exploitation efforts will involve seeking methods for Privilege Escalation (privesc), the process of gaining access to administrative accounts on the system. Another important consideration is Pivoting, wherein you’ll attempt to use your privileged access on one system to gain access to another.

This is where the second major enumeration phase takes place. Where the first phase focused on enumerating the software, services and data visible from outside the target system, the second focuses on discovering the software, services and data visible from within the target system, in order to determine what potential weaknesses may be exploited for Privilege Escalation, Pivoting, and other goals.

The tools and techniques discussed in this chapter will help in achieving these goals.