Post Metasploitation: Improving Accuracy and Efficiency in Post Exploitation Using the Metasploit Framework

Presented at DEF CON 20 (2012), July 29, 2012, noon (50 minutes)

As many in this community have echoed, shell is just the beginning. Owning a box is all well and good, but where do you go from there? Everyone has their own secret sauce for furthering their access after gaining a foothold. This talk will focus on the techniques, from simple to advanced, available for post exploitation using the Metasploit Framework.

Presenters:

• James Lee / Egyp7 - Developer, Rapid7   as egypt
  egypt is a software developer for Rapid7 where he is a core developer for the Metasploit Framework. Before devoting all his time to Metasploit, he was a Cybersecurity researcher for Idaho National Laboratory where he discovered numerous vulnerabilities in SCADA and Industrial Control Systems and probably didn't write Stuxnet. egypt has presented at DEF CON, BSidesLV, Black Hat, Derbycon and other venues. Note that egypt is not Egypt. The two can be distinguished easily by their relative beards -- Egypt has millions, while egypt only has the one. Twitter: @egyp7

Links:

• https://defcon.org/html/defcon-20/dc-20-speakers.html#Egypt
• https://www.youtube.com/watch?v=7c5AdP1HEtk

Similar Presentations:

• GrrCON 2018 / Pacu: Attack and Post-Exploitation in AWS
• DerbyCon 2.0 Reunion (2012) / Introduction to Metasploit Post Exploitation Modules
• DerbyCon 2.0 Reunion (2012) / Privilege Escalation with the Metasploit Framework