In this episode of The Cyber Threat Perspective, Tyler Roberts joins Spencer Alessi to break down the post-exploitation tactics that are still working in 2025. Get concrete insights from real-world pen tests and current threat intel on what attackers do once they’re inside an environment.
- Credential access through file shares, SharePoint, and document repositories
- Common password weaknesses and reuse pitfalls threat actors exploit
- Persistence techniques like remote access tools and scheduled tasks
- Defensive evasion methods including DLL hijacking, clearing logs, and masquerading
- Lateral movement and exfiltration tactics—RDP, PS Remoting, SMB, and cloud storage abuse
Tune in to learn where attackers are winning—and what you need to watch out for.
Blog:Â https://offsec.blog/
Youtube:Â https://www.youtube.com/@cyberthreatpov
Twitter:Â https://x.com/cyberthreatpov
Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.
Follow Spencer on social ⬇
Spencer’s Links:Â https://go.spenceralessi.com/links