Wednesday, January 9, 2013

Post Exploitation - Discovering Network Information in Windows

For those who don't already know it, Rapid7's Metasploit is a framework for penetration testing. It includes hundreds of exploits and has several modules for connecting to compromised hosts. It also features post-exploitation modules, such as hash dumping or cached information retrieval.

Here is a cool article on post-exploitation network discovery in Windows. It explains how to gather network information, discover potential neighboring hosts, and so forth. This only scratches the surface and will open the way for more discoveries.

People interested can also look at these books (on Amazon): Metasploit; Metasploit Penetration Testing Cookbook; and Metasploit Toolkit for Penetration Testing, Exploit Development, and Vulnerability Research. I own the first one and I recommend it to anyone interested in a crash course.