Exfiltrate Data
There are several reasons why an attacker might want to get data back out of a system or network: The process of getting the data out can be as simple…
June 2026
Ensure Future Access
Once high privileges are established and an account for future use is established, the next need is to ensure there is a pathway for future access. Use a penetration agent/rootkit…
Add an Admin User
Once admin/root privileges have been established, an attacker will often create a new account with high privilege levels in order to allow future access without needing to take extraordinary action.…
Escalate Privileges
After penetration, if the established presence doesn’t have admin/root privileges, a top priority may become escalating privileges so that further action become possible. There are a variety of ways to…
Whoami?
One of the first tasks of the attacker after penetrating a system is to figure out what account status is associated with the presence established and what permissions and privileges…
Password Strength Requirements
While the main premise of the article linked below is correct, it understates a key part of password cracking methodology. There are two primary means of cracking passwords: using word…
Zero Day Vulnerabilities Have No Patch Yet
When computer system vulnerabilities are discovered, patches are issued that have been designed to close the hole of vulnerability. The patches take some time to construct and deploy and even…
Physical Attacks
Physical attacks are attacks that involve penetrating the physical security protecting information systems. In a facility with low physical security or public access, it can be as simple as walking…
Application Attacks
Application attacks focus on application software instead of the operating system, where most classical perimeter exploit vulnerabilities are found. A wide variety of application attacks are aimed at web servers…
Client-side Attacks
Client-side attacks take advantage of weaknesses found in client software usually running on users workstations. Most client-side attacks involve either a web link to a web page that can deliver…