Advanced Penetration Testing & Post-Exploitation Tactics
Explore advanced penetration testing methodologies including client-side attacks, privilege escalation, and maintaining persistent access in a virtual lab.
Penetration Testing Methodology
DIY Project – Part 2<br/>Industry Assignment 2 – IS
<div><strong style='color:#f87171'>Course:</strong> Information Security</div>
<div style='margin-bottom:10px'><strong style='color:#60a5fa'>College:</strong> Amity University Online</div><div><strong style='color:#60a5fa'>Student Email:</strong> aryansingh2887@gmail.com</div>
Introduction
DIY Project – Part 2 focuses on advanced phases of penetration testing.
This phase starts after initial system access is achieved.
Activities include client-side attacks, post-exploitation, and maintaining access.
Testing was performed in a controlled virtual lab environment.
Objectives
To understand client-side attack techniques
To analyze attacker actions after system compromise
To study privilege escalation and persistence methods
To document findings and security risks
Client Side Attacks (Overview)
Client-side attacks target the end user instead of directly attacking the system.
Targeting the End User
Binary Payloads
Client Side Exploits
Social Engineering Toolkit
Privilege Escalation
Binary Payloads
Binary payloads rely on the user executing the delivered file
Test payloads simulated malicious files
User interaction plays a critical role in successful attacks
Client Side Exploits
Targeting User Applications
Client-side vulnerabilities were identified
Exploits target browsers and user applications
Outdated software increases attack success rate
Social Engineering Toolkit
Social Engineering Toolkit was used for attack simulation
Focused on human-based attack techniques
Demonstrated how users can be manipulated into providing access
Privilege Escalation
Privilege escalation was analyzed after initial access
Misconfigurations allowed higher privilege access
Elevated privileges increased control over the system
Post Exploitation (Overview)
Post-exploitation focuses on actions performed after successful compromise.
Privilege Escalation
Pass the Hash
Clearing Event Logs
Registry Interaction
Pass The Hash
Credential hashes were reused for authentication
Passwords were not required in plaintext
Enabled lateral movement within the system
Clearing Event Logs
System event logs were analyzed
Log clearing techniques were observed
Demonstrated how attackers hide their activities
Registry Interaction
Windows registry was accessed
Registry values were modified
System behavior can be altered using registry changes
Additional Post Exploitation Activities
Packet sniffing used to analyze network traffic
Screen capture demonstrated user monitoring
Sensitive files were searched and identified
Timestamp manipulation was observed
John the Ripper
Password cracking with John the Ripper was analyzed
Weak passwords were cracked quickly
Highlighted importance of strong password policies
Final Verdict: Proper monitoring and user awareness are critical defenses.
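The John the Ripper slide shows the result (weak passwords fall quickly) but not the control that prevents it. The following is an added example, not code from the original report: a password-policy check of the kind a defender enforces at password-change time. The banned-word list, the leet-speak substitution table, the 12-character minimum and the guess rate of 10^10 per second are all constructed assumptions for illustration; the time estimate is a worst-case exhaustive-search figure, not a measurement of any cracking tool.

```python
"""Added example (not part of the original report): reject passwords that a
dictionary or brute-force attack would recover quickly."""
import string

# Constructed banned-word list; a real deployment loads a far larger one
# (breach corpora, company name, product names, seasons, etc.).
BANNED = {"password", "welcome", "letmein", "qwerty", "admin", "summer"}

# Common substitutions attackers' rule sets undo ("P@ssw0rd" -> "password").
LEET = str.maketrans({"@": "a", "0": "o", "1": "i", "3": "e", "$": "s",
                      "5": "s", "!": "i", "4": "a"})

MIN_LENGTH = 12          # assumed policy minimum
GUESSES_PER_SECOND = 1e10  # assumed attacker rate, for the estimate only


def normalize(pw: str) -> str:
    """Strip trailing digits/symbols, then undo leet substitutions, so
    'P@ssw0rd123!' is checked against the banned list as 'password'."""
    core = pw.lower().rstrip(string.digits + string.punctuation)
    return core.translate(LEET)


def character_classes(pw: str) -> int:
    """Count how many of lower/upper/digit/symbol classes the password uses."""
    classes = [
        any(c.islower() for c in pw),
        any(c.isupper() for c in pw),
        any(c.isdigit() for c in pw),
        any(c in string.punctuation for c in pw),
    ]
    return sum(classes)


def charset_size(pw: str) -> int:
    """Size of the alphabet an exhaustive search would have to cover."""
    size = 0
    if any(c.islower() for c in pw):
        size += 26
    if any(c.isupper() for c in pw):
        size += 26
    if any(c.isdigit() for c in pw):
        size += 10
    if any(c in string.punctuation for c in pw):
        size += len(string.punctuation)  # 32 symbols
    return size


def seconds_to_exhaust(pw: str, rate: float = GUESSES_PER_SECOND) -> float:
    """Worst-case time to try every string of this length and alphabet.
    Dictionary-based passwords fall far faster than this bound suggests."""
    return charset_size(pw) ** len(pw) / rate


def evaluate(pw: str) -> list:
    """Return the policy violations for a candidate password (empty = accepted)."""
    findings = []
    if len(pw) < MIN_LENGTH:
        findings.append(f"shorter than {MIN_LENGTH} characters")
    if normalize(pw) in BANNED:
        findings.append("based on a banned word")
    if character_classes(pw) < 3:
        findings.append("fewer than three character classes")
    return findings


if __name__ == "__main__":
    for candidate in ["summer", "P@ssw0rd123!", "correct-horse-battery-staple-9"]:
        print(f"{candidate!r}: {evaluate(candidate) or 'accepted'} "
              f"(exhaustive search bound: {seconds_to_exhaust(candidate):.3g} s)")
```

The normalisation step matters more than the character-class rule: "P@ssw0rd123!" satisfies length and class requirements yet is rejected because cracking rule sets try exactly those substitutions first.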
Maintaining Access (Overview)
Maintaining access allows attackers to retain control over compromised systems.
Keylogging
Persistent Backdoors
Keylogging
Keystrokes were captured silently
User credentials and sensitive input were at risk
Demonstrates long-term surveillance threat
Persistent Backdoors
Persistence mechanisms were analyzed
Access could be regained after system reboot
Highlights need for continuous monitoring
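The Clearing Event Logs, Registry Interaction and Persistent Backdoors slides all end on the same point: these actions leave traces that monitoring should catch. The block below is an added example, not code from the original report, showing the detection side over a constructed set of Windows event records: it flags the events the Event Log service writes when a log is cleared (Security Event ID 1102, System Event ID 104) and Sysmon "registry value set" events (Event ID 13) that touch the Run/RunOnce autostart keys. The host name, timestamps, SID, file paths and the exact data field names in the sample records are constructed for the example; the event IDs and the Sysmon channel name are real.

```python
"""Added example (not part of the original report): detect log clearing and
Run-key persistence in Windows event records. Sample records are constructed."""
import re
from typing import Dict, List

# Written by the Event Log service *after* the clear, so the clearing action
# itself survives as the first record of the emptied log.
LOG_CLEARED = {("Security", 1102), ("System", 104)}

# Sysmon Event ID 13 = RegistryEvent (Value Set), logged to this channel.
SYSMON_CHANNEL = "Microsoft-Windows-Sysmon/Operational"
SYSMON_VALUE_SET = 13

# Autostart keys under HKLM\ and HKU\<SID>\ whose entries run again after a reboot.
RUN_KEY = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.IGNORECASE
)

Event = Dict[str, object]
Alert = Dict[str, str]


def check_event(ev: Event) -> List[Alert]:
    """Return zero or more alerts for one event record."""
    alerts: List[Alert] = []
    data = ev.get("data", {})
    if (ev["channel"], ev["event_id"]) in LOG_CLEARED:
        alerts.append({
            "rule": "log_cleared", "host": ev["host"], "time": ev["time"],
            "detail": f"{ev['channel']} log cleared by "
                      f"{data.get('SubjectUserName', '<unknown>')}",
        })
    if ev["channel"] == SYSMON_CHANNEL and ev["event_id"] == SYSMON_VALUE_SET:
        target = str(data.get("TargetObject", ""))
        if RUN_KEY.search(target):
            alerts.append({
                "rule": "run_key_persistence", "host": ev["host"], "time": ev["time"],
                "detail": f"{data.get('Image')} set {target} = {data.get('Details')}",
            })
    return alerts


def detect(events: List[Event]) -> List[Alert]:
    """Run every event through the rules, preserving input order."""
    found: List[Alert] = []
    for ev in events:
        found.extend(check_event(ev))
    return found


# Constructed sample: a normal logon, a benign registry write, a Run-key
# persistence entry, then the Security and System logs being cleared.
SAMPLE_EVENTS: List[Event] = [
    {"channel": "Security", "event_id": 4624, "host": "WS01",
     "time": "2024-05-01T09:00:01", "data": {"SubjectUserName": "alice"}},
    {"channel": SYSMON_CHANNEL, "event_id": 13, "host": "WS01",
     "time": "2024-05-01T09:02:10",
     "data": {"Image": r"C:\Windows\explorer.exe",
              "TargetObject": r"HKU\S-1-5-21-1111111111-2222222222-3333333333-1001"
                              r"\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden",
              "Details": "DWORD (0x00000001)"}},
    {"channel": SYSMON_CHANNEL, "event_id": 13, "host": "WS01",
     "time": "2024-05-01T09:15:42",
     "data": {"Image": r"C:\Users\Public\upd.exe",
              "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Updater",
              "Details": r"C:\Users\Public\upd.exe"}},
    {"channel": "Security", "event_id": 1102, "host": "WS01",
     "time": "2024-05-01T09:20:00", "data": {"SubjectUserName": "alice"}},
    {"channel": "System", "event_id": 104, "host": "WS01",
     "time": "2024-05-01T09:20:03", "data": {"SubjectUserName": "alice"}},
]


if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(f"[{alert['rule']}] {alert['host']} {alert['time']}: {alert['detail']}")
```

Two design points follow from the slides. A clear-log alert is only useful if the records are forwarded off the host before they can be wiped, so the rule is meant to run on a collector, not on the endpoint. The Run-key rule matches the key path, not the binary name, because the persistence entry can be given any name; what does not change is where it has to live to survive a reboot.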
Documentation & Reporting
All findings were documented
Vulnerabilities were categorized by risk
Recommendations were noted for mitigation
Conclusion (Part 2)
Client-side attacks exploit user behavior
Post-exploitation increases overall system damage
Maintaining access poses long-term security risks
Proper monitoring and user awareness are critical
- penetration-testing
- cybersecurity
- post-exploitation
- privilege-escalation
- ethical-hacking
- information-security
- network-security