What type of logs show successful exploitation during penetration testing?

Successful exploitation during penetration testing is typically best reflected in terminal outputs. When a penetration tester successfully exploits a vulnerability, the terminal output can provide direct feedback on the actions taken and the results observed. This includes command execution results, error messages, or confirmation of access to systems and data, which helps the tester assess the effectiveness of their exploitation techniques in real-time.

In contrast, security incident reports summarize incidents after they occur and are not directly used during penetration testing to show real-time exploitation success. Network performance metrics focus on the throughput, latency, and general health of the network, not on exploitation events. Operating system event logs mainly detail system-level activities and statuses, which can include successful logins or errors but do not capture the nuances of exploitation as effectively as terminal outputs do.