█
LastWrite
  • > Curriculum
  • > Pricing
  • > For Educators
  • > About
  • > Contact
Log InGet Started

Questions, concerns, bug reports, or suggestions? We read every message, write to us at [email protected].

More ways to reach us →
LastWrite

Structured computer science lessons for aspiring developers and security professionals.

[email protected]

(201) 785-7951

Mon–Fri, 9 AM–5 PM EST

Learn

  • Curriculum
  • Pricing

Company

  • About
  • For Educators & Schools
  • Contact Us

Legal

  • Terms of Service
  • Privacy Policy
© 2026 LastWrite. All rights reserved.
Curriculum/Cybersecurity/Penetration Testing/Post-Exploitation and Reporting
45 minIntermediate

Post-Exploitation and Reporting

After this lesson, you will be able to: Understand post-exploitation, privilege escalation, and how to write a pen test report.

Initial access is the start, not the end. Post-ex is privilege escalation, lateral movement, persistence, and pivoting. The deliverable that pays the bills is the report.

Prerequisites:Web Application Penetration Testing

Privilege escalation

Linux: `sudo -l`, SUID binaries (`find / -perm -4000`), kernel exploits, cronjobs running as root. Windows: SeImpersonate (PrintSpoofer, Juicy Potato), unquoted service paths, AlwaysInstallElevated.

💡 Use the helpers

linpeas.sh and winPEAS.exe automate enumeration of priv-esc paths. Run them as low-priv user, read the colored output, fix the obvious wins.

Anatomy of a pen test report

  1. 1

    1. Executive summary, 1 page, business-language risk.

  2. 2

    2. Methodology, what you did, scope, tools, dates.

  3. 3

    3. Findings, each with severity (CVSS), description, impact, reproduction steps, screenshots, remediation.

  4. 4

    4. Appendices, full raw output for transparency.

  5. 5

    5. Conclusion, strategic recommendations.

ℹ️ Severity = likelihood × impact

Critical (RCE, auth bypass), High (priv-esc, sensitive data), Medium (info disclosure), Low (verbose errors). Don't flag everything Critical, credibility lost.

Persistence vs cleanup

In red teams, you may install persistence (scheduled tasks, registry run keys, SSH key drop). In pen tests, you typically DON'T, you document and clean up. The RoE specifies which.

Sign in and purchase access to unlock this lesson.

Sign in to purchase
←Web Application Penetration Testing
Back to Penetration Testing
Advanced Tools and CTF Practice→