1
00:00:00,640 --> 00:00:08,140
So now what in the previous section, you have gained access to the target systems and your new phase

2
00:00:08,500 --> 00:00:10,300
is post exploitation.

3
00:00:11,610 --> 00:00:19,410
So if the scope of the penetration test finishes here, OK, you've got something you can go in, outline

4
00:00:19,410 --> 00:00:20,700
your findings in a report.

5
00:00:21,780 --> 00:00:28,320
However, if the scope allows you to move on, then you can go way deeper and advance your techniques

6
00:00:28,320 --> 00:00:31,190
to see a broad view of the target system.

7
00:00:32,420 --> 00:00:39,530
Post exploitation is arguably the most important way to get a clear picture of a client's security posture.

8
00:00:40,870 --> 00:00:45,670
So what the heck is post exploitation specifically?

9
00:00:46,640 --> 00:00:53,540
It's indeed a phase in penetration testing that you will do the information gathering on the exploited

10
00:00:53,540 --> 00:00:58,850
systems, you can also escalate your privilege and move from system to system.

11
00:00:59,840 --> 00:01:08,330
It actually starts when you get limited or sometimes full access of the target and you want to search

12
00:01:08,330 --> 00:01:15,200
for certain files or folders, dump the user credentials, capture screenshots remotely, dump out the

13
00:01:15,200 --> 00:01:22,520
keystrokes from the remote system, escalate your privileges, and also try to make your access persistent.

14
00:01:23,610 --> 00:01:29,130
So then that means this section will cover the basics of post exploitation.

15
00:01:30,120 --> 00:01:38,220
Now MSF helps you a lot with many of the post exploitation modules and also provides many payloads to

16
00:01:38,220 --> 00:01:39,510
enable you to perform

17
00:01:40,410 --> 00:01:41,520
post exploitation.

18
00:01:42,720 --> 00:01:47,460
But what I'm going to do is cover Meterpreter for the most part in this next section.

19
00:01:48,380 --> 00:01:54,910
Meterpreter is an extension of the Metasploit Framework that allows you to leverage Metasploit's functionality,

20
00:01:56,180 --> 00:02:03,950
it's also thought to be one of the flagship products in Metasploit, and I think that's absolutely not

21
00:02:04,490 --> 00:02:06,080
an underestimation.

22
00:02:08,860 --> 00:02:14,980
Meterpreter is an advanced, multifunctional payload that can be used to leverage your capabilities

23
00:02:14,980 --> 00:02:16,600
dynamically at runtime.

24
00:02:17,350 --> 00:02:18,120
So let's move on.