Automation of Post-exploitation

Automation of Post-exploitation,10.1007/978-3-642-10847-1_31,Mohammad Tabatabai Irani,Edgar R. Weippl

Automation of Post-exploitation  
BibTex | RIS | RefWorks Download
Pentesting is becoming an important activity even for smaller companies. One of the most important economic pressures is the cost of such tests. In order to automate pentests, tools such as Metasploit can be used. Post-exploitation activities can, however, not be automated easily. Our contribution is to extend Meterpreter-scripts so that post-exploitation can be scripted. Moreover, using a multi-step approach (pivoting), we can automatically exploit machines that are not directly routable: Once the first machine is exploited, the script continues to then automatically launch an attack on the next machine, etc.
Cumulative Annual
View Publication
The following links allow you to view full publications. These links are maintained by other sources not affiliated with Microsoft Academic Search.