In this chapter, we took a journey into different strategies used by attackers to maintain access to compromised environments, including domain fronting to hide the origin of the attack, and we also learned how to hide the evidence of an attack to cover our tracks and remain anonymous, which is the last step of the kill chain methodology.
We looked at how to use Netcat, Meterpreter, scheduled tasks, and Empire PowerShell's dbx and onedrive modules to maintain persistent agents on compromised systems, and how to exfiltrate data using traditional services such as DNS, ICMP, Telnet, RDP, and Netcat.
In the next chapter, we will look at how to hack embedded and RFID/NFC devices using both existing Kali 2018.4 features and additional tools.