Cyber Security Academy · Lesson

Post-Exploitation: Pivot and Persist

Use Metasploit's post modules for privilege escalation, credential dumping, and persistence.

Post-Exploitation Goals

After initial access, the attacker's goals are: escalate privileges, gather intelligence, maintain persistent access, and move laterally to reach the true objective (data, systems, domain control).

Situational Awareness

First steps after shell: understand where you are. Collect system info, network config, current user privileges, running processes, and environment variables.

meterpreter > sysinfo
meterpreter > getuid
meterpreter > getpid
meterpreter > run post/multi/recon/local_exploit_suggester
meterpreter > run post/linux/gather/enum_system

All lessons in this course

Metasploit Architecture and msfconsole
Exploiting a Known Vulnerability
Payloads: Staged vs Stageless, Meterpreter
Post-Exploitation: Pivot and Persist

← Back to Cyber Security Academy