Читать книгу CompTIA PenTest+ Certification For Dummies - Glen E. Clarke - Страница 36

The third phase of the penetration testing process is to perform the attacks and exploit systems. In this phase, with knowledge of the vulnerabilities that exist on the targets, you can then break out the penetration tools to attack and exploit the systems. This involves social engineering attacks, network attacks, software attacks such as SQL injection, and wireless attacks against wireless networks.

Once a system is compromised, you can then perform post-exploitation tasks, which involve collecting more information about the system or planting a backdoor to ensure you can gain access at a later time.

Chapters 5 through 10 cover attacks and exploits.