Post-Exploitation

This is the final stage of the penetrations test, and this is ultimately what differentiates a pentest from a hack.

During the post-exploitation phase, the penetration tester carefully documents their findings and puts together a report for their clients. This report should highlight the found vulnerabilities and successful exploits of the target, and could also include recommendations for hardening the target against these attacks and possible remediations in case of a future breach, although this could fall fully under the purview of the blue team. The post-exploitation process depends on the scope of work and the demands of each client.

Some forms of disclosure are formal and procedural, as is the case in professional pen testing done for a client, but many gray hat hackers will also find vulnerabilities in a particular system and willingly disclose their findings to the target, even if the target was an unwilling agent in this process.

No matter how good a pentester is, not having the communication and organizational skills to present their findings to the interested parties can undermine even the best operations.