Laboratory Exercise: 9 - Cleaning Up New!

The last step of a penetration test is cleaning up all of the changes made to the target system. This lab will demonstrate the use of various Tools, Techniques, and Procedures to clean up the target host that has been exploited.

The student should have completed the previous eight labs in the Penetration Testing Using Kali Linux module: Reconnaissance, Enumeration, Vulnerability Scanning, Exploitation, Post-Exploitation, Exfiltration, Password Cracking, and Creating a Backdoor. 

Learning Objectives
  • Define clean up
  • Understand the tools and techniques used to clean up
  • Clean up a target system
Faculty Instructions

IMPORTANT: This is the ninth of nine labs in the Penetration Testing Using Kali Linux module and should be completed in order. Each lab establishes the conditions for the next lab, so performing the labs out of sequence will cause problems for the students.

This lab is designed to use the Virginia Cyber Range, Cyber Basics (2018) Environment. If you don’t already have an instructor account on the range, request an account here

Once the instructor has an account and a new course is created, the instructor should add the Cyber Basics (2018) environment, and then invite their students to be able to use it in the Virginia Cyber Range.

Cleaning Up Lab Handout
Cleaning Up Presentation Slides

Log In
to download materials

* NICE Cybersecurity Workforce Framework KSAs Addressed
  • K0070: Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • K0111: Knowledge of common network tools (e.g., ping, traceroute, nslookup) and interpret the information results.
  • K0119: Knowledge of hacking methodologies in Windows or Unix/Linux environment.
  • K0129: Knowledge of Unix command line (e.g., mkdir, mv, ls, passwd, grep).
  • K0307: Knowledge of common network tools (e.g., ping, traceroute, nslookup).
  • K0342: Knowledge of penetration testing principles, tools, and techniques.
  • S0051: Skill in the use of penetration testing tools and techniques.
  • A0055: Ability to operate common network tools (e.g., ping, traceroute, nslookup).
* NSA/DHS Center of Excellence (CAE) KUs Addressed
  • Penetration Testing (PTT)

* Most courseware content maps to NIST NICE Cybersecurity Workforce Framework (NCWF) Knowledge, Skills, and Abilities (KSAs) and/or NSA/DHS CAE Knowledge Units (KUs). For more information on KSAs and KUs, please visit:

KSAs: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-181.pdf

KUs: https://www.iad.gov/NIETP/documents/Requirements/CAE-CD_2019_Knowledge_Units.pdf