In this chapter, we discussed the process of testing a flat and internal network. We discovered that this means we do not have filters or layers that we have to traverse to attack the target. While this is a good thing, we also explained that these machines would have a number of protections in place. We also reviewed the role a vulnerability scanner plays with respect to internal testing; furthermore, we added the credentials to the scan and showed how much more information we can gather from this.

Following the introduction to the different host-based protection, we looked at them in more detail and in some cases, attempted a number of different techniques to bypass the different protections on the host that we might encounter. Specifically, ...