Common Attack Techniques

Common Attack Techniques

• Some Windows exploits can be run in Linux
• Cross-compiling code
  • Compile exploit for another OS
  • https://www.hackingtutorials.org/exploit-tutorials/mingw-w64-how-to-compile-windows-exploits-on-kali-linux/

Changing exploit code can change the fingerprint of the exploit/

• Exploit modification
  • May need to modify for success of evasion
• Exploit chaining
  • Compromise one device/system to gain access to another
• Proof-of-concept development
  • Exploit development
• Social engineering
  • Help me
  • Urgent
  • Deceptive
• Credential brute forcing
  • Brute force attacks can be time intensive
• Enlightened Attacks
  • Dictionary
    • Passwords are normally stored in a hash.
    • Hash value - text encrypted using a hash function.
  • Rainbow table

QUICK REVIEW

• Some exploits may need "tweaking" to work in your tests
• Be able to recognize exploit chaining
• Many exploits involve some social engineering
• Credential attacks are time consuming and are rarely carried out as pure brute force attacks.

Penetration Test - Survey the Target(10)

原文：https://www.cnblogs.com/keepmoving1113/p/13573979.html