Post-Exploitation
Post-exploitation modules extend beacon capabilities beyond basic command execution. These modules implement advanced techniques for process injection, privilege escalation, credential harvesting, Active Directory attacks, and lateral movement across the target environment.
In This Section
- Process Injection -- Inject code into remote processes using multiple injection techniques.
- Privilege Escalation -- UAC bypass, token manipulation, and local privilege escalation methods.
- Credential Access -- SAM/LSA/NTDS dumping, Kerberoasting, and in-memory credential harvesting.
- Active Directory Attacks -- DCSync, Kerberos attacks, LDAP enumeration, and domain escalation.
- Lateral Movement -- PsExec, WMI, WinRM, DCOM, and pass-the-hash/ticket techniques.