This talk focuses on common methods, techniques, and tools employed by penetration testers and attackers after compromising a Windows system. Live demos will be included to demonstrate the concepts of escalating privileges, moving laterally and expanding, and establishing persistence in a Windows environment. Tools demonstrated will include: Metasploit/Meterpreter (as a base for the attack) as well as Hashcat, Netcat, Mimikatz (for post-exploitation) and others will be touched on or mentioned. The purpose of this talk is to serve as an introduction into the concept of Windows post-exploitation as well as to explore technical aspects regarding the Windows operating system and the tools used to exploit its flaws.
Audience: Information security students and those interested in learning about Windows internal security