Here are some guidelines you can follow when exploiting network-based vulnerabilities:

  • Conduct active reconnaissance first, including scanning and fingerprinting the target, then research possible exploits you can use.
  • Use sniffing and eavesdropping to obtain information needed for the exploit.
  • Use ARP poisoning when conducting man-in-the-middle attacks.
  • Use hijacking to take over client sessions.
  • Choose your exploits based on the target service or protocol.
  • Use DNS cache poisoning and other name resolution exploits to redirect targets when ARP poisoning isn't practical.
  • Use network authentication brute forcing to crack passwords.
  • Use pass-the-hash attacks when password cracking isn't practical.
  • Be careful when using DoS or stress testing attacks, as they are likely to make the server or service unavailable.
  • Use VLAN hopping if you need access to a restricted VLAN.
  • Use NAC bypassing techniques if points of entry into the network are controlled by a network policy or NAC server.