I wrote another guest post for Critical Informatics on the top 10 recommendations we end up giving new clients. These are common vulnerabilities that are not obvious to non-security-focused teams. If you've never had a pentest, check this out before your engagement for some "low hanging fruit" to remediate.
Over at Critical Informatics I wrote a guest blog post about implant beaconing: how and why it is used, and some traffic indicators you might expect to see.
Let's say you've successfully phished a client, and now have an Empire agent on a victim computer. Congratulations! Establishing an initial foothold on a network, with either a .hta link or an office macro (excellent write-up using this method by @enigma0x3), can be one of the hardest parts of pentesting, and most security practices are designed to …
A review of Athena, the CIA's RAT, its features, and how it compares to Empire.