Pentesting 2018

For the past few years, we have been using tools such as the Metasploit Framework, routersploit, LinuxEnum.sh, nmap, and so on for post-exploitation and scanning. With the growing popularity of new tools, it would be good to learn about some new tools that can be used for post-exploitation. Out of the many available tools, we will be looking at MSFvenom Payload Creator (MSFPC)—a simple MSF-based payload generator; and Koadic—a COM-based Command and Control (C3) server, which can be used in red-team operations or penetration testing for post-exploitation.

In this chapter, we will cover the following tools:

• MSFPC
• Kaodic