Penetration Test - Survey the Target(10)

Common Attack Techniques

Common Attack Techniques

Changing exploit code can change the fingerprint of the exploit/

  • Exploit modification
    • May need to modify for success of evasion
  • Exploit chaining
    • Compromise one device/system to gain access to another
  • Proof-of-concept development
    • Exploit development
  • Social engineering
    • Help me
    • Urgent
    • Deceptive
  • Credential brute forcing
    • Brute force attacks can be time intensive
  • Enlightened Attacks
    • Dictionary
      • Passwords are normally stored in a hash.
      • Hash value - text encrypted using a hash function.
    • Rainbow table
QUICK REVIEW
  • Some exploits may need "tweaking" to work in your tests
  • Be able to recognize exploit chaining
  • Many exploits involve some social engineering
  • Credential attacks are time consuming and are rarely carried out as pure brute force attacks.
posted @ 2020-08-27 21:02  晨风_Eric  阅读(132)  评论(0编辑  收藏  举报