Post Exploitation: ​Workstation and Network Analysis

Course:  Joe Perry on "Post Exploitation Hacking" at Cybrary
​​
Workstation and Network Analysis 

I. Linux
A. Workstation
•Ifconfig
•Netstat (+netstat -g/ -r/ -i/ -s)
•Arp
•/etc/nsswitch.conf
•/etc/resolve.conf

B. Network
•Ping/traceroute •Ping –t 1 <target> (Identify your default gateway)
•Nmap
•P0f [passive OS fingerprinting]
•Tcpdump
•Tshark

II. Windows
A. Workstation
•Ipconfig
•Netstat
•Arp
•Net * (there’s a lot)

B. Network
•nslookup
•Tracert
net *  •Accounts; •Config; •Group; •Session; •Statistics; •View; •Start
Wmic [Windows Management Instrumentation] 
E.g., Wmic Useraccount
E.g., Wmic startup get caption,command