Explore post-exploitation techniques in Metasploit with this conference talk from Derbycon 2012. Dive into the fundamentals of post-exploitation, its importance in penetration testing, and how to leverage Metasploit's capabilities. Learn the structure of post-exploitation modules, including initialization, option registration, and run method implementation. Discover how to utilize post libraries, provide feedback, and store loot. Gain insights on contributing modules to the Metasploit framework, including guidelines, forking, and submitting pull requests. Enhance your understanding of advanced penetration testing methodologies and expand your cybersecurity skillset.
Overview
Syllabus
Intro
STEPHEN HAYWOOD
SHOUT OUT
DON'T TAKE NOTES
WHAT IS POST- EXPLOITATION?
POST-EXPLOITATION HAS THE BLING
POST-EXPLOITATION WITH METASPLOIT
HOW TO BUILD POST- EXPLOITATION MODULES
BASIC STRUCTURE
INITIALIZE
REGISTER OPTIONS
REGISTER ADVANCED OPTIONS
VALID OPTION TYPES
BUILD THE RUN METHOD
USE THE POST LIBRARIES
PROVIDING FEEDBACK
BUILDING POST- EXPLOITATION MODULES
STORE THE LOOT
CONTRIBUTING MODULES TO THE FRAMEWORK
READ THE GUIDELINES
FORK THE FRAMEWORK
ADD YOUR CODE
SUBMIT A PULL REQUEST
WHAT DID WE LEARN?
