From the course: CompTIA PenTest (PT0-002) Cert Prep
Join today to access over 23,200 courses taught by industry experts.
Detection avoidance techniques
From the course: CompTIA PenTest (PT0-002) Cert Prep
Detection avoidance techniques
- Once you carry out a successful compromise of a resource, you want to avoid being detected for as long as possible. That allows you to stretch the attack out and increase the damage as long as possible. Of course, from an attacker perspective, that's a great thing. From a pen tester perspective, it's also a good thing because it means that you have achieved a goal and you're demonstrating how bad a particular vulnerability can ultimately be. So you want to recommend controls to stop an attacker from doing just what you are doing. So how would an attacker go about avoiding detection? The idea is you want to avoid raising suspicion. You want to keep a low profile by living off the land. Sometimes it can be referred to as file list malware. Use what's there as opposed to introducing new tools. One thing you could look at is PSExec. Now, PSExec is a lightweight telnet replacement from Microsoft. You can get that and run it to allow you to remotely connect to compromised resources, and…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.