Lateral Movement

T1028: WinRM for Lateral MovementWinRS for Lateral MovementT1047: WMI for Lateral MovementT1076: RDP Hijacking for Lateral Movement with tsconT1051: Shared WebrootT1175: Lateral Movement via DCOMWMI + MSI Lateral MovementLateral Movement via Service Configuration ManagerLateral Movement via SMB RelayingWMI + NewScheduledTaskAction Lateral MovementWMI + PowerShell Desired State Configuration Lateral MovementSimple TCP Relaying with NetCatEmpire Shells with NetNLTMv2 RelayingLateral Movement with PsexecFrom Beacon to Interactive RDP SessionSSH Tunnelling / Port ForwardingLateral Movement via WMI Event SubscriptionLateral Movement via DLL HijackingLateral Movement over headless RDP with SharpRDPShadowMove: Lateral Movement by Duplicating Existing Sockets
PreviousCredentials Collection via CredUIPromptForCredentialsNextT1028: WinRM for Lateral Movement

Last updated

Was this helpful?