{"id":1447,"date":"2017-11-06T14:16:29","date_gmt":"2017-11-06T14:16:29","guid":{"rendered":"https:\/\/www.varutra.com\/blog\/?p=1447"},"modified":"2023-03-24T17:50:32","modified_gmt":"2023-03-24T12:20:32","slug":"what-makes-penetration-testing-impactful","status":"publish","type":"post","link":"https:\/\/www.varutra.com\/varutravrt3\/what-makes-penetration-testing-impactful\/","title":{"rendered":"What Makes Penetration Testing Impactful &#8211; Post Exploitation"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" width=\"1920\" height=\"1080\" src=\"https:\/\/varutra-1a3b6.kxcdn.com\/wp-content\/uploads\/2017\/11\/What-Makes-Penetration-Testing-Impactful-1024x535.png\"  class=\"sh-overlay-item sh-table-cell ls-is-cached lazyloaded\" data-rel=\"lightcase\" title=\"What Makes Penetration Testing Impactful - Varutra Consulting\"><br \/>\nAs a penetration tester, we often come across this riddle \u2013 <strong>What Makes Penetration Testing Really Impactful<\/strong>. As per penetration testing methodology \u2013 we identify vulnerability, prioritize the vulnerability considering the criticality of impacted assets, we obtain\/modify\/create an exploit, compromise the target system and we are all excited and happy. BUT, \u2018whoami\u2019 command output in a black screen may not mean anything to C-Suite executives, who have never opened the command prompt, or rather not need to.<\/p>\n<p>So how do you explain C-suite executives the consequences\/impact of the exploit which you just performed?<\/p>\n<p>Here comes a skillset to our rescue \u2013 <strong>Relevant Post Exploitation<\/strong>.<\/p>\n<ul>\n<li>First understand your client, their nature of the business, their clients and criticality of data etc.<\/li>\n<li>Prioritize identified vulnerabilities and exploits to target important assets<\/li>\n<li>Obtain\/ex-filtrate the information which matters to them most<\/li>\n<li>And they will be like WOW<\/li>\n<\/ul>\n<p>To explain my point, I will walk you through some of my personal experiences in my journey as a penetration tester.<\/p>\n<p><strong>Example 1.\u00a0<\/strong><\/p>\n<p><strong>TL;DR: Test Server -&gt; Apache Exploit -&gt; In-House App\u00a0 -&gt; Hardcoded DB Credentials -&gt; Central Database Compromise<\/strong><\/p>\n<p>In one of my earlier engagement, automated scanner identified an instance of <a href=\"http:\/\/blog.opensecurityresearch.com\/2012\/09\/manually-exploiting-tomcat-manager.html\">open apache manager console<\/a> and I tried Metasploit for exploitation but observed that anti-virus installed in target machine was deleting Metasploit payload. So I switched to manual method and successfully compromised the server. Hence concluded that engagement is successful, until, client destroyed my enthusiasm saying that it\u2019s a test machine with not much of IMPORTANCE.<\/p>\n<figure id=\"attachment_1449\" aria-describedby=\"caption-attachment-1449\" style=\"width: 1027px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/2017-11-03-12_44_29-Clipboard.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-1449 size-full\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/2017-11-03-12_44_29-Clipboard.jpg\" alt=\"Open Apache Tomcat Manager Console\" width=\"1027\" height=\"538\" srcset=\"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-03-12_44_29-Clipboard.jpg 1027w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-03-12_44_29-Clipboard-300x157.jpg 300w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-03-12_44_29-Clipboard-1024x536.jpg 1024w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-03-12_44_29-Clipboard-768x402.jpg 768w\" sizes=\"(max-width: 1027px) 100vw, 1027px\" \/><\/a><figcaption id=\"caption-attachment-1449\" class=\"wp-caption-text\">Open Apache Tomcat Manager Console<\/figcaption><\/figure>\n<figure id=\"attachment_1450\" aria-describedby=\"caption-attachment-1450\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/2017-11-06-13_06_17-Clipboard.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-1450 size-full\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/2017-11-06-13_06_17-Clipboard.jpg\" alt=\"Upload Of Backdoor JSP File\" width=\"1026\" height=\"502\" srcset=\"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-06-13_06_17-Clipboard.jpg 1026w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-06-13_06_17-Clipboard-300x147.jpg 300w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-06-13_06_17-Clipboard-1024x501.jpg 1024w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-06-13_06_17-Clipboard-768x376.jpg 768w\" sizes=\"(max-width: 1026px) 100vw, 1026px\" \/><\/a><figcaption id=\"caption-attachment-1450\" class=\"wp-caption-text\">Upload Of Backdoor JSP File<\/figcaption><\/figure>\n<h6 style=\"text-align: center\"><\/h6>\n<figure id=\"attachment_1451\" aria-describedby=\"caption-attachment-1451\" style=\"width: 577px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/2017-11-06-12_23_25-H__KPMG_Testing_VAPT_MAF-UAE-20150201_docs_laudanum-1.0_laudanum_jsp_warfiles_cm.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-1451 size-full\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/2017-11-06-12_23_25-H__KPMG_Testing_VAPT_MAF-UAE-20150201_docs_laudanum-1.0_laudanum_jsp_warfiles_cm.jpg\" alt=\"Code for Backdoor JSP\" width=\"577\" height=\"454\" srcset=\"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-06-12_23_25-H__KPMG_Testing_VAPT_MAF-UAE-20150201_docs_laudanum-1.0_laudanum_jsp_warfiles_cm.jpg 577w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-06-12_23_25-H__KPMG_Testing_VAPT_MAF-UAE-20150201_docs_laudanum-1.0_laudanum_jsp_warfiles_cm-300x236.jpg 300w\" sizes=\"(max-width: 577px) 100vw, 577px\" \/><\/a><figcaption id=\"caption-attachment-1451\" class=\"wp-caption-text\">Code for Backdoor JSP<\/figcaption><\/figure>\n<h6 style=\"text-align: center\"><\/h6>\n<figure id=\"attachment_1452\" aria-describedby=\"caption-attachment-1452\" style=\"width: 750px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/2017-11-03-13_04_36-Clipboard.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-1452 size-full\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/2017-11-03-13_04_36-Clipboard.jpg\" alt=\"Proof-of-Concept of Exploitation\" width=\"750\" height=\"313\" srcset=\"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-03-13_04_36-Clipboard.jpg 750w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-03-13_04_36-Clipboard-300x125.jpg 300w\" sizes=\"(max-width: 750px) 100vw, 750px\" \/><\/a><figcaption id=\"caption-attachment-1452\" class=\"wp-caption-text\">Proof-of-Concept of Exploitation<\/figcaption><\/figure>\n<h6 style=\"text-align: center\"><\/h6>\n<p>I had no intention of letting that issue go, so I attacked that machine again with a very definitive purpose \u2013 Obtain something critical and\/or sensitive.<\/p>\n<p>I created a dummy user with LOCAL ADMINISTRATIVE privileges, started the RDP and logged in using RDP just to make my life easy, relatively<\/p>\n<figure id=\"attachment_1453\" aria-describedby=\"caption-attachment-1453\" style=\"width: 1001px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/2017-11-03-12_46_33-Clipboard.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-1453 size-full\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/2017-11-03-12_46_33-Clipboard.jpg\" alt=\"Creation of Dummy User \u2013 TestUser\" width=\"1001\" height=\"436\" srcset=\"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-03-12_46_33-Clipboard.jpg 1001w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-03-12_46_33-Clipboard-300x131.jpg 300w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-03-12_46_33-Clipboard-768x335.jpg 768w\" sizes=\"(max-width: 1001px) 100vw, 1001px\" \/><\/a><figcaption id=\"caption-attachment-1453\" class=\"wp-caption-text\">Creation of Dummy User \u2013 TestUser<\/figcaption><\/figure>\n<h6 style=\"text-align: center\"><\/h6>\n<figure id=\"attachment_1474\" aria-describedby=\"caption-attachment-1474\" style=\"width: 1035px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/2017-11-03-12_47_35-Clipboard.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-1474 size-full\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/2017-11-03-12_47_35-Clipboard.jpg\" alt=\"RDP Connection To Target System\" width=\"1035\" height=\"535\" srcset=\"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-03-12_47_35-Clipboard.jpg 1035w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-03-12_47_35-Clipboard-300x155.jpg 300w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-03-12_47_35-Clipboard-1024x529.jpg 1024w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-03-12_47_35-Clipboard-768x397.jpg 768w\" sizes=\"(max-width: 1035px) 100vw, 1035px\" \/><\/a><figcaption id=\"caption-attachment-1474\" class=\"wp-caption-text\">RDP Connection To Target System<\/figcaption><\/figure>\n<h6 style=\"text-align: center\"><\/h6>\n<p>I realised there is an in-house application in documents directory (.jar file). Out of curiosity, I just ran it, and it seemed to be data entry application. While I was doing a blind exploration in the application, a message box popped up stating that \u2018Read all the entries from database successfully\u2019. Interestingly, the application didn\u2019t ask for any DB credentials at all.<\/p>\n<p style=\"text-align: left\">Then, naturally, I opened the application in jd-gui and DB credentials were hard-coded in the application and to my utmost surprise, it was the credentials for central DB of the organization.<\/p>\n<figure id=\"attachment_1455\" aria-describedby=\"caption-attachment-1455\" style=\"width: 1047px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/2017-11-03-12_48_46-Clipboard.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-1455 size-full\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/2017-11-03-12_48_46-Clipboard.jpg\" alt=\"Hard-Coded DB Credentials\" width=\"1047\" height=\"364\" srcset=\"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-03-12_48_46-Clipboard.jpg 1047w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-03-12_48_46-Clipboard-300x104.jpg 300w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-03-12_48_46-Clipboard-1024x356.jpg 1024w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-03-12_48_46-Clipboard-768x267.jpg 768w\" sizes=\"(max-width: 1047px) 100vw, 1047px\" \/><\/a><figcaption id=\"caption-attachment-1455\" class=\"wp-caption-text\">Hard-Coded DB Credentials<\/figcaption><\/figure>\n<h6 style=\"text-align: center\"><\/h6>\n<p>I used that credentials to login into DB and I was able to access almost all (read all) information about the organization, details of which I can\u2019t mention here for obvious reasons.<\/p>\n<p>Bottom line \u2013 Engagement become successful then, from client point-of-view and it made the life of developer of mentioned application [very] difficult.<\/p>\n<p>&nbsp;<\/p>\n<p><strong>Example 2.<\/strong><\/p>\n<p><strong>TL;DR: Kiosk Device -&gt;Windows XP -&gt; MS08-067 -&gt; Pass-the-Hash -&gt; Entire Network -&gt; (Very) Important Person Desktop Screenshot<\/strong><\/p>\n<p>In another one of my engagement, automated scanner identified that Windows XP machine is running in client environment and our favourite <a href=\"https:\/\/www.rapid7.com\/db\/modules\/exploit\/windows\/smb\/ms08_067_netapi\">MS08-067<\/a> popped me a reverse <a href=\"https:\/\/dev.metasploit.com\/documents\/meterpreter.pdf\">Meterpreter<\/a> shell with relative ease, but again, it turns out to be Kiosk Device and client were not very interested in the compromise<\/p>\n<figure id=\"attachment_1457\" aria-describedby=\"caption-attachment-1457\" style=\"width: 1043px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/2017-11-03-12_50_35-Clipboard.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-1457 size-full\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/2017-11-03-12_50_35-Clipboard.jpg\" alt=\"Proof-of-Concept of Exploitation\" width=\"1043\" height=\"538\" srcset=\"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-03-12_50_35-Clipboard.jpg 1043w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-03-12_50_35-Clipboard-300x155.jpg 300w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-03-12_50_35-Clipboard-1024x528.jpg 1024w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-03-12_50_35-Clipboard-768x396.jpg 768w\" sizes=\"(max-width: 1043px) 100vw, 1043px\" \/><\/a><figcaption id=\"caption-attachment-1457\" class=\"wp-caption-text\">Proof-of-Concept of Exploitation<\/figcaption><\/figure>\n<p>This time I explored the entire system but didn\u2019t identify anything significant. Then I took a different route \u2013 <a href=\"https:\/\/www.sans.org\/reading-room\/whitepapers\/testing\/crack-pass-hash-33219\">Pass-the-Hash<\/a> attack. I dumped the password hashes using Meterpreter and used smbexec (awesome tool) to escalate\/replicate my attack to the entire network.<\/p>\n<figure id=\"attachment_1458\" aria-describedby=\"caption-attachment-1458\" style=\"width: 737px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/meterpreter1.png\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-1458 size-full\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/meterpreter1.png\" alt=\"Replicate of Attack to Entire Network\" width=\"737\" height=\"223\" srcset=\"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/meterpreter1.png 737w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/meterpreter1-300x91.png 300w\" sizes=\"(max-width: 737px) 100vw, 737px\" \/><\/a><figcaption id=\"caption-attachment-1458\" class=\"wp-caption-text\">Replicate of Attack to Entire Network<\/figcaption><\/figure>\n<h6 style=\"text-align: center\"><\/h6>\n<p><strong>Example 3.<\/strong><\/p>\n<p><strong>TL;DR: McAfee ePO Server -&gt; JBoss JMX Console Deployer Upload and Execute -&gt; Combined with McAfee Weak Encryption Vulnerability -&gt; McAfee ePO Server Password Compromised<\/strong><\/p>\n<p>This compromise was relatively simple. First automated scanner identified an open JBoss JMX console and then, I was able to obtain a Meterpreter reverse shell using the Metasploit exploit module \u2013 <a href=\"https:\/\/www.rapid7.com\/db\/modules\/exploit\/multi\/http\/jboss_maindeployer\">JBoss JMX Deployer Upload and Execute<\/a>.<\/p>\n<figure id=\"attachment_1460\" aria-describedby=\"caption-attachment-1460\" style=\"width: 823px\" class=\"wp-caption alignnone\"><a href=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/2017-11-06-17_30_48-Clipboard.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-1460 size-full\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/2017-11-06-17_30_48-Clipboard.jpg\" alt=\"Proof-of-Concept of Exploitation\" width=\"823\" height=\"347\" srcset=\"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-06-17_30_48-Clipboard.jpg 823w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-06-17_30_48-Clipboard-300x126.jpg 300w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-06-17_30_48-Clipboard-768x324.jpg 768w\" sizes=\"(max-width: 823px) 100vw, 823px\" \/><\/a><figcaption id=\"caption-attachment-1460\" class=\"wp-caption-text\">Proof-of-Concept of Exploitation<\/figcaption><\/figure>\n<p>&nbsp;<\/p>\n<p>After a bit of reconnaissance, I realized it was an ePO server installed with vulnerable version \u2013 ePO 4.6. A ready to use post exploitation module of Metasploit \u2013 <a href=\"https:\/\/www.rapid7.com\/db\/modules\/post\/windows\/gather\/credentials\/epo_sql\">epo_sql<\/a>, fetched the ePO server credentials for me.<\/p>\n<figure id=\"attachment_1459\" aria-describedby=\"caption-attachment-1459\" style=\"width: 574px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/2017-11-06-17_29_02-Clipboard.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-1459 size-full\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/2017-11-06-17_29_02-Clipboard.jpg\" alt=\"epo_sql Metasploit Module in Action\" width=\"574\" height=\"219\" srcset=\"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-06-17_29_02-Clipboard.jpg 574w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/2017-11-06-17_29_02-Clipboard-300x114.jpg 300w\" sizes=\"(max-width: 574px) 100vw, 574px\" \/><\/a><figcaption id=\"caption-attachment-1459\" class=\"wp-caption-text\">epo_sql Metasploit Module in Action<\/figcaption><\/figure>\n<h6 style=\"text-align: center\"><\/h6>\n<p>So, in above scenarios, by aligning post-exploitation techniques to client requirement and with a \u2018dig deeper\u2019 approach, I represented technical vulnerabilities into the form of business risk. Effective post exploitation makes the client understand the implications from the business perspective and helps them to prioritize the mitigation strategy.<\/p>\n<p>In conclusion, I would like to say that relevant post exploitation is very crucial for a penetration testing engagement, especially when the client is more emphasizing on <a href=\"https:\/\/www.darkreading.com\/vulnerabilities---threats\/stop-counting-vulnerabilities-and-start-measuring-risk\/a\/d-id\/1330220\">measuring the risk not counting the vulnerabilities<\/a>. There are numerous other ways and tools for making post exploitation a real fun.<\/p>\n<p><strong>Further reading<\/strong><\/p>\n<ul>\n<li><a href=\"https:\/\/www.offensive-security.com\/metasploit-unleashed\/msf-post-exploitation\/\">https:\/\/www.offensive-security.com\/metasploit-unleashed\/msf-post-exploitation\/<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/mubix\/post-exploitation\">https:\/\/github.com\/mubix\/post-exploitation<\/a><\/li>\n<li><a href=\"https:\/\/www.exploit-db.com\/docs\/18229.pdf\">https:\/\/www.exploit-db.com\/docs\/18229.pdf<\/a><\/li>\n<li><a href=\"http:\/\/www.pentest-standard.org\/index.php\/Post_Exploitation\">http:\/\/www.pentest-standard.org\/index.php\/Post_Exploitation<\/a><\/li>\n<li>https:\/\/www.powershellempire.com\/<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>Author<br \/>\nPramod Rana<\/p>\n<p><em>Attack &amp; PenTest Team,<\/em><\/p>\n<p><em>Varutra Consulting<\/em><\/p>","protected":false},"excerpt":{"rendered":"<p>As a penetration tester, we often come across this riddle \u2013 What Makes Penetration Testing Really Impactful. As per penetration testing methodology \u2013 we identify&#8230;<\/p>\n","protected":false},"author":3,"featured_media":18126,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"inline_featured_image":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[140,278,274,57,272],"tags":[103,115,99,116],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO Pro 4.6.3 - aioseo.com -->\n\t\t<meta name=\"description\" content=\"Most of you may have an idea of what is penetration testing but do you know what makes it impactful. Know What Makes Pen Testing Impactful - Post Exploitation.\" \/>\n\t\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t\t<link rel=\"canonical\" href=\"https:\/\/www.varutra.com\/varutravrt3\/what-makes-penetration-testing-impactful\/\" \/>\n\t\t<meta name=\"generator\" content=\"All in One SEO Pro (AIOSEO) 4.6.3\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Varutra Consulting\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"What Makes Penetration Testing Impactful - Exploitation\" \/>\n\t\t<meta property=\"og:description\" content=\"Most of you may have an idea of what is penetration testing but do you know what makes it impactful. Know What Makes Pen Testing Impactful - Post Exploitation.\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/www.varutra.com\/varutravrt3\/what-makes-penetration-testing-impactful\/\" \/>\n\t\t<meta property=\"og:image\" content=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/What-Makes-Penetration-Testing-Impactful.png\" \/>\n\t\t<meta property=\"og:image:secure_url\" content=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/What-Makes-Penetration-Testing-Impactful.png\" \/>\n\t\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t\t<meta property=\"og:image:height\" content=\"627\" \/>\n\t\t<meta property=\"article:section\" content=\"Case Study\" \/>\n\t\t<meta property=\"article:tag\" content=\"advisory\" \/>\n\t\t<meta property=\"article:tag\" content=\"infosec\" \/>\n\t\t<meta property=\"article:tag\" content=\"network penetration testing\" \/>\n\t\t<meta property=\"article:tag\" content=\"post exploitation\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2017-11-06T14:16:29+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2023-03-24T12:20:32+00:00\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:title\" content=\"What Makes Penetration Testing Impactful - Exploitation\" \/>\n\t\t<meta name=\"twitter:description\" content=\"Most of you may have an idea of what is penetration testing but do you know what makes it impactful. Know What Makes Pen Testing Impactful - Post Exploitation.\" \/>\n\t\t<meta name=\"twitter:image\" content=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/What-Makes-Penetration-Testing-Impactful.png\" \/>\n\t\t<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t\t<meta name=\"twitter:data1\" content=\"kalpadmin\" \/>\n\t\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/what-makes-penetration-testing-impactful\\\/#article\",\"name\":\"What Makes Penetration Testing Impactful - Exploitation\",\"headline\":\"What Makes Penetration Testing Impactful &#8211; Post Exploitation\",\"author\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/author\\\/admin\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/wp-content\\\/uploads\\\/2017\\\/11\\\/What-Makes-Penetration-Testing-Impactful.png\",\"width\":1200,\"height\":627,\"caption\":\"What Makes Penetration Testing Impactful\"},\"datePublished\":\"2017-11-06T14:16:29+05:30\",\"dateModified\":\"2023-03-24T17:50:32+05:30\",\"inLanguage\":\"en-US\",\"commentCount\":2,\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/what-makes-penetration-testing-impactful\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/what-makes-penetration-testing-impactful\\\/#webpage\"},\"articleSection\":\"Case Study, Network Pentesting, Security Hardening, Vulnerability Disclosure, Web Application Security, advisory, infosec, Network Penetration Testing, Post Exploitation\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/what-makes-penetration-testing-impactful\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/\",\"nextItem\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/what-makes-penetration-testing-impactful\\\/#listItem\"},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/what-makes-penetration-testing-impactful\\\/#listItem\",\"position\":2,\"name\":\"What Makes Penetration Testing Impactful - Post Exploitation\",\"previousItem\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#listItem\"}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#organization\",\"name\":\"Varutra\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/wp-content\\\/uploads\\\/2021\\\/11\\\/Varutra-Found-e1612984024606.jpg\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/what-makes-penetration-testing-impactful\\\/#organizationLogo\"},\"image\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/what-makes-penetration-testing-impactful\\\/#organizationLogo\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/author\\\/admin\\\/#author\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/author\\\/admin\\\/\",\"name\":\"kalpadmin\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/what-makes-penetration-testing-impactful\\\/#authorImage\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d69b4bf504d3e2e3c6ad0c424e16bcb2?s=96&d=mm&r=g\",\"width\":96,\"height\":96,\"caption\":\"kalpadmin\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/what-makes-penetration-testing-impactful\\\/#webpage\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/what-makes-penetration-testing-impactful\\\/\",\"name\":\"What Makes Penetration Testing Impactful - Exploitation\",\"description\":\"Most of you may have an idea of what is penetration testing but do you know what makes it impactful. Know What Makes Pen Testing Impactful - Post Exploitation.\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/what-makes-penetration-testing-impactful\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/author\\\/admin\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/author\\\/admin\\\/#author\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/wp-content\\\/uploads\\\/2017\\\/11\\\/What-Makes-Penetration-Testing-Impactful.png\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/what-makes-penetration-testing-impactful\\\/#mainImage\",\"width\":1200,\"height\":627,\"caption\":\"What Makes Penetration Testing Impactful\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/what-makes-penetration-testing-impactful\\\/#mainImage\"},\"datePublished\":\"2017-11-06T14:16:29+05:30\",\"dateModified\":\"2023-03-24T17:50:32+05:30\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#website\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/\",\"name\":\"Varutra Consulting\",\"description\":\"Secure your digital world with our Cybersecurity services.\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO Pro -->\r\n\t\t<title>What Makes Penetration Testing Impactful - Exploitation<\/title>\n\n","aioseo_head_json":{"title":"What Makes Penetration Testing Impactful - Exploitation","description":"Most of you may have an idea of what is penetration testing but do you know what makes it impactful. Know What Makes Pen Testing Impactful - Post Exploitation.","canonical_url":"https:\/\/www.varutra.com\/varutravrt3\/what-makes-penetration-testing-impactful\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"og:locale":"en_US","og:site_name":"Varutra Consulting","og:type":"article","og:title":"What Makes Penetration Testing Impactful - Exploitation","og:description":"Most of you may have an idea of what is penetration testing but do you know what makes it impactful. Know What Makes Pen Testing Impactful - Post Exploitation.","og:url":"https:\/\/www.varutra.com\/varutravrt3\/what-makes-penetration-testing-impactful\/","og:image":"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/What-Makes-Penetration-Testing-Impactful.png","og:image:secure_url":"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/What-Makes-Penetration-Testing-Impactful.png","og:image:width":"1200","og:image:height":"627","article:section":"Case Study","article:tag":["advisory","infosec","network penetration testing","post exploitation"],"article:published_time":"2017-11-06T14:16:29+00:00","article:modified_time":"2023-03-24T12:20:32+00:00","twitter:card":"summary_large_image","twitter:title":"What Makes Penetration Testing Impactful - Exploitation","twitter:description":"Most of you may have an idea of what is penetration testing but do you know what makes it impactful. Know What Makes Pen Testing Impactful - Post Exploitation.","twitter:image":"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/What-Makes-Penetration-Testing-Impactful.png","twitter:label1":"Written by","twitter:data1":"kalpadmin","twitter:label2":"Est. reading time","twitter:data2":"5 minutes","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.varutra.com\/varutravrt3\/what-makes-penetration-testing-impactful\/#article","name":"What Makes Penetration Testing Impactful - Exploitation","headline":"What Makes Penetration Testing Impactful &#8211; Post Exploitation","author":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/author\/admin\/#author"},"publisher":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/#organization"},"image":{"@type":"ImageObject","url":"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/What-Makes-Penetration-Testing-Impactful.png","width":1200,"height":627,"caption":"What Makes Penetration Testing Impactful"},"datePublished":"2017-11-06T14:16:29+05:30","dateModified":"2023-03-24T17:50:32+05:30","inLanguage":"en-US","commentCount":2,"mainEntityOfPage":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/what-makes-penetration-testing-impactful\/#webpage"},"isPartOf":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/what-makes-penetration-testing-impactful\/#webpage"},"articleSection":"Case Study, Network Pentesting, Security Hardening, Vulnerability Disclosure, Web Application Security, advisory, infosec, Network Penetration Testing, Post Exploitation"},{"@type":"BreadcrumbList","@id":"https:\/\/www.varutra.com\/varutravrt3\/what-makes-penetration-testing-impactful\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/www.varutra.com\/varutravrt3\/#listItem","position":1,"name":"Home","item":"https:\/\/www.varutra.com\/varutravrt3\/","nextItem":"https:\/\/www.varutra.com\/varutravrt3\/what-makes-penetration-testing-impactful\/#listItem"},{"@type":"ListItem","@id":"https:\/\/www.varutra.com\/varutravrt3\/what-makes-penetration-testing-impactful\/#listItem","position":2,"name":"What Makes Penetration Testing Impactful - Post Exploitation","previousItem":"https:\/\/www.varutra.com\/varutravrt3\/#listItem"}]},{"@type":"Organization","@id":"https:\/\/www.varutra.com\/varutravrt3\/#organization","name":"Varutra","url":"https:\/\/www.varutra.com\/varutravrt3\/","logo":{"@type":"ImageObject","url":"https:\/\/www.varutra.com\/wp-content\/uploads\/2021\/11\/Varutra-Found-e1612984024606.jpg","@id":"https:\/\/www.varutra.com\/varutravrt3\/what-makes-penetration-testing-impactful\/#organizationLogo"},"image":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/what-makes-penetration-testing-impactful\/#organizationLogo"}},{"@type":"Person","@id":"https:\/\/www.varutra.com\/varutravrt3\/author\/admin\/#author","url":"https:\/\/www.varutra.com\/varutravrt3\/author\/admin\/","name":"kalpadmin","image":{"@type":"ImageObject","@id":"https:\/\/www.varutra.com\/varutravrt3\/what-makes-penetration-testing-impactful\/#authorImage","url":"https:\/\/secure.gravatar.com\/avatar\/d69b4bf504d3e2e3c6ad0c424e16bcb2?s=96&d=mm&r=g","width":96,"height":96,"caption":"kalpadmin"}},{"@type":"WebPage","@id":"https:\/\/www.varutra.com\/varutravrt3\/what-makes-penetration-testing-impactful\/#webpage","url":"https:\/\/www.varutra.com\/varutravrt3\/what-makes-penetration-testing-impactful\/","name":"What Makes Penetration Testing Impactful - Exploitation","description":"Most of you may have an idea of what is penetration testing but do you know what makes it impactful. Know What Makes Pen Testing Impactful - Post Exploitation.","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/#website"},"breadcrumb":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/what-makes-penetration-testing-impactful\/#breadcrumblist"},"author":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/author\/admin\/#author"},"creator":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/author\/admin\/#author"},"image":{"@type":"ImageObject","url":"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2017\/11\/What-Makes-Penetration-Testing-Impactful.png","@id":"https:\/\/www.varutra.com\/varutravrt3\/what-makes-penetration-testing-impactful\/#mainImage","width":1200,"height":627,"caption":"What Makes Penetration Testing Impactful"},"primaryImageOfPage":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/what-makes-penetration-testing-impactful\/#mainImage"},"datePublished":"2017-11-06T14:16:29+05:30","dateModified":"2023-03-24T17:50:32+05:30"},{"@type":"WebSite","@id":"https:\/\/www.varutra.com\/varutravrt3\/#website","url":"https:\/\/www.varutra.com\/varutravrt3\/","name":"Varutra Consulting","description":"Secure your digital world with our Cybersecurity services.","inLanguage":"en-US","publisher":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/#organization"}}]}},"aioseo_meta_data":{"post_id":"1447","title":"What Makes Penetration Testing Impactful - Exploitation&nbsp;","description":"Most of you may have an idea of what is penetration testing but do you know what&nbsp;makes it impactful. Know What Makes Pen Testing Impactful - Post Exploitation.","keywords":[],"keyphrases":"{\"focus\":{\"keyphrase\":\"Penetration Testing\",\"score\":76,\"analysis\":{\"keyphraseInTitle\":{\"score\":9,\"maxScore\":9,\"error\":0},\"keyphraseInDescription\":{\"score\":9,\"maxScore\":9,\"error\":0},\"keyphraseLength\":{\"score\":9,\"maxScore\":9,\"error\":0,\"length\":2},\"keyphraseInURL\":{\"score\":5,\"maxScore\":5,\"error\":0},\"keyphraseInIntroduction\":{\"score\":3,\"maxScore\":9,\"error\":1},\"keyphraseInSubHeadings\":[],\"keyphraseInImageAlt\":{\"score\":3,\"maxScore\":9,\"error\":1}}},\"additional\":[{\"keyphrase\":\"Exploitation\",\"score\":83,\"analysis\":{\"keyphraseInDescription\":{\"score\":9,\"maxScore\":9,\"error\":0},\"keyphraseLength\":{\"score\":9,\"maxScore\":9,\"error\":0,\"length\":1},\"keyphraseInIntroduction\":{\"score\":3,\"maxScore\":9,\"error\":1},\"keyphraseInImageAlt\":{\"score\":9,\"maxScore\":9,\"error\":0}}}]}","primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"featured","og_image_url":"https:\/\/www.varutra.com\/wp-content\/uploads\/2017\/11\/What-Makes-Penetration-Testing-Impactful.png","og_image_width":"1200","og_image_height":"627","og_image_custom_url":null,"og_image_custom_fields":null,"og_video":"","og_custom_url":null,"og_article_section":"Case Study","og_article_tags":[],"twitter_use_og":true,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"Article","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":"{\"article\":{\"articleType\":\"BlogPosting\"},\"course\":{\"name\":\"\",\"description\":\"\",\"provider\":\"\"},\"faq\":{\"pages\":[]},\"product\":{\"reviews\":[]},\"recipe\":{\"ingredients\":[],\"instructions\":[],\"keywords\":[]},\"software\":{\"reviews\":[],\"operatingSystems\":[]},\"webPage\":{\"webPageType\":\"WebPage\"}}","pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":"-1","robots_max_videopreview":"-1","robots_max_imagepreview":"large","priority":null,"frequency":"default","local_seo":null,"limit_modified_date":false,"open_ai":null,"created":"2021-10-27 15:17:57","updated":"2023-03-24 12:36:12"},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t<a href=\"https:\/\/www.varutra.com\/varutravrt3\" title=\"Home\">Home<\/a>\n<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t<a href=\"https:\/\/www.varutra.com\/varutravrt3\/category\/case-study\/\" title=\"Case Study\">Case Study<\/a>\n<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\tWhat Makes Penetration Testing Impactful \u2013 Post Exploitation\n<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/www.varutra.com\/varutravrt3"},{"label":"Case Study","link":"https:\/\/www.varutra.com\/varutravrt3\/category\/case-study\/"},{"label":"What Makes Penetration Testing Impactful &#8211; Post Exploitation","link":"https:\/\/www.varutra.com\/varutravrt3\/what-makes-penetration-testing-impactful\/"}],"post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/posts\/1447"}],"collection":[{"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/comments?post=1447"}],"version-history":[{"count":6,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/posts\/1447\/revisions"}],"predecessor-version":[{"id":21243,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/posts\/1447\/revisions\/21243"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/media\/18126"}],"wp:attachment":[{"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/media?parent=1447"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/categories?post=1447"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/tags?post=1447"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}