Post-Exploitation Scanning

After compromise, basic port scans can be used to identify systems or services of interest to further attack. You could scan for SMB shared which you could login to with compromised credentials, files could then be moved to other systems.

Remote access protocols including the following can be used to communicate with a compromised system:

• Microsoft's Remote Desktop Protocol (RDP)

• Apple Remote Desktop

• VNC

• X Server Forwarding

The main advantage of remote desktop over other tools like Sysinternals is that it provides a full GUI of the remote compromised computer, from this connection it is then possible to steal data or collect screenshots, disable security software or install malware. The main disadvantage of remote desktop is that the user logged into the system may be able to tell you are there.