Penetration Testing

A Bind Shell is when the target machine opens a port and waits for the attacker to connect. After the connection, the attacker gets a command shell on the target system.

A Reverse Shell is when the target machine connects back to the attacker’s system and gives shell access.

Pillaging is the process of collecting sensitive information from a compromised system after gaining access to it. It is performed during the Post-Exploitation phase of penetration testing.

Evasive Testing is a technique in penetration testing where the tester tries to avoid detection by security systems such as firewalls, Endpoint Detection and Response (EDR), or Intrusion Detection System (IDS) while performing attacks.

1. Evasive Testing

Tester tries to remain completely undetected while performing attacks.

2. Non-Evasive Testing

The tester performs normal attacks without trying to hide, to check if security defenses detect them.

3. Hybrid Evasive Testing

A combination of evasive and non-evasive testing to check specific security systems.

Data Exfiltration is the process of transferring sensitive data from a compromised system to the attacker’s system.