In this chapter, we focused on the immediate actions that follow the exploitation of a target system. We reviewed the initial rapid assessment that's conducted to characterize the server and the local environment. We also learned how to use various post-exploitation tools to locate target files of interest, create user accounts, and perform horizontal escalation to harvest more information that's specific to other users. We focused on Metasploit's Meterpreter usage, the Empire PowerShell tool, and Crack-Map-Exec so that we could collect more information to perform lateral movement and privilege attacks. We also learned about the usage of the Veil-Pillage framework.

In the next chapter, we will learn how to escalate privileges from that of a normal user to the highest level possible, and also exploit the weaknesses that can be found in an Active Directory environment.