SecuriTreeHome

SecuriTree

  • Windows Lateral Movement
    • Common Problems
      • Double Hop
      • Remote UAC
    • Techniques
      • Access Token Manipulation
        (RunAs)
      • Pass-the-Ticket (Kerberos)
        (Rubeus, getTGT)
    • Technologies
      • MS-RPC
        • MS-DCOM
        • MS-RRP
        • MS-SCMR
          (PsExec, SmbExec, ScExec)
        • MS-TSCH
        • MS-WMI
          (WmiExec)
      • RDP
      • WinRM
        (winrs, PS Remoting)
#Windows Lateral Movement

Windows Lateral Movement

At SecuriTree, we define Lateral Movement as a situation where an attacker already has valid credentials (e.g. password, NT hash or Kerberos TGT) and his job is to use them to gain access to new resources on the network.

This site does not focus on obtaining credentials (privilege escalation).

Children

Windows Lateral Movement
Common Problems
Double Hop
Remote UAC
Techniques
Access Token Manipulation
Pass-the-Ticket (Kerberos)
Technologies
MS-RPC
MS-DCOM
MS-RRP
MS-SCMR
MS-TSCH
MS-WMI
RDP
WinRM