# 5 - House cleaning ## Introduction After the completion of the penetration test, the vulnerable client's environment is composed of systems fake accounts, modified files, enumeration tools, exploits... So, the purpose of this phase is to ensure that there is no artefacts leftovers that a malicious attacker could exploit or that could lead to more risk than the organisation is willing to tolerate. ## Cleaning phase Some common cleanup tasks: * [ ] Delete any new files you created on the systems. * [ ] Restore modified files to their original state. * [ ] Restore any software configuration to its original state. * [ ] Restore active protection-system settings. * [ ] Remove any accounts you created from the affected systems. * [ ] Change any modified credentials to their original state. * [ ] Remove any shells or backdoors from the affected systems. * [ ] Remove any installed or uploaded tools you may have left on the systems. * [ ] Purge any sensitive leaked data. ## References * [What should you do after your penetration testing report?](https://sentrium.co.uk/about-us/insights/what-should-you-do-after-your-penetration-testing-report) * [Post-engagement cleanup](https://livebook.manning.com/book/penetrating-enterprise-networks/chapter-11/) * [Post-Engagement Cleanup Tasks](https://hack.technoherder.com/post-engagement-cleanup-tasks/) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://the-pentesting-guide.marmeus.com/5-house-cleaning.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.