PenTest+ Module 26 - Lateral Movement

0.0(0)
Studied by 0 people
call kaiCall Kai
Locked
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/43

encourage image

There's no tags or description

Looks like no tags are added yet.

Last updated 10:16 PM on 7/5/26
Name
Mastery
Learn
Test
Matching
Spaced
Call with Kai
Chat

No analytics yet

Send a link to your students to track their progress

44 Terms

1
New cards

Lateral Movement

Techniques attackers use to navigate through a network, by accessing other systems and accounts

2
New cards

Pivoting

Process of using a compromised system to move to other systems within the same network

3
New cards

Network Pivoting

Involves using the network capabilities of a compromised machine to route traffic to other machines

4
New cards

Application-level Pivoting

Uses a compromised machine to interact with applications and services on other machines

5
New cards

Relay Creation

Involves capturing and forwarding authentication requests to exploit trust relationships between systems

6
New cards

ProxyChains

A tool that routes internet traffic through multiple proxy servers

7
New cards

Service Discovery

Involves identifying active services running on a networked device

8
New cards

Network Traffic Discovery

Involves analyzing the flow of data within a network

9
New cards

Credential Capturing

Involves intercepting and capturing authentication credentials as they are transmitted over the network

10
New cards

Credential Dumping

Extracts stored credentials from compromised systems

11
New cards

String Searches

Involve searching through files, logs, and memory dumps for specific patterns

12
New cards

Protocol IDs

Identify and analyze specific protocols in use

13
New cards

Server Message Block (SMB)

A protocol used for sharing files, printers, and other resources on a network

14
New cards

Remote Procedure Call (RPC)

Allows programs to request services from programs on other computers within a network

15
New cards

EternalBlue

Sends specially crafted packets to the SMB service, triggering the vulnerability and allowing code execution on the system

16
New cards

Distributed Component Object Model (DCOM)

A technology developed by Microsoft that allows software components to communicate with each other over a network

17
New cards

Get-WmiObject -Class Win32_DCOMApplication

Used to gather information about DCOM applications on a Windows computer

18
New cards

Cleartext Protocols

Transmit data without any encryption

19
New cards

Telnet

Used for remote command-line interface access to other computers

Transmits all data in cleartext (not encrypted)

20
New cards

File Transfer Protocol (FTP)

Used for transferring files between a client and a server

21
New cards

Lightweight Directory Access Protocol (LDAP)

Used to access and manage directory information services

22
New cards

Remote Desktop Protocol (RDP)

Allows users to connect to another computer over a network connection

23
New cards

Virtual Network Computing (VNC)

A graphical desktop-sharing system that uses the RFB protocol to remotely control another computer

24
New cards

Secure Shell (SSH)

A protocol used to securely connect to a remote system over an unsecured network (connection is encrypted)

25
New cards

Windows Management Instrumentation (WMI)

A set of specifications from Microsoft for consolidating the management of devices and applications in a network from Windows computing systems

26
New cards

Line Printer Daemon (LPD)

A network protocol for submitting print jobs to a remote printer, part of the LPR protocol suite, commonly used on Unix and Unix-like systems

27
New cards

JetDirect

A technology developed by HP for connecting printers to a network

28
New cards

Web Interfaces

Refer to the management consoles and administrative panels that many devices and services expose over HTTP or HTTPS

29
New cards

SQLMap

Can exploit a SQL injection vulnerability to gain access to the CMS database

30
New cards

Burp Suite

Helps identify and exploit web vulnerabilities by intercepting and modifying HTTP requests to bypass authentication mechanisms

31
New cards

HTTP Request Smuggling

A web security vulnerability that occurs when an attacker manipulates the way a web server processes HTTP requests

32
New cards

Living Off the Land Binaries (LOLBins)

Are legitimate system binaries that attackers can exploit to perform malicious activities while evading detection

33
New cards

netstat

A command-line utility that displays network connections, routing tables, interface statistics, masquerade connections, and multicast memberships

34
New cards

net commands

Includes tools like net use, net view, net user, and net group

35
New cards

cmd.exe

Provides a powerful interface for executing commands and scripts

36
New cards

explorer.exe

The Windows graphical file manager

37
New cards

ftp.exe

The command-line FTP client in Windows

38
New cards

mmc.exe

The Microsoft Management Console, which provides a graphical interface for managing various system componenets

39
New cards

rundll32.exe

A utility that allows execution of functions exported from DLLs also known as dynamic link libraries

40
New cards

msbuild32.exe

A tool used to build applications in Visual Studio

41
New cards

route

A command used to view and manipulate the IP routing table

42
New cards

strings.exe and findstr.exe

Are command-line utilities for searching text within files

43
New cards

Sshuttle (Poorman’s VPN)

Useful tool for penetration testers because it allows to route traffic from a local machine through a remote network

Routes network traffic through a remote server, enabling access to internal resources as if physically connected

44
New cards

Covenant C2

An open-source C2 framework, written in the C# programming language, designed for red team operations and penetration testing

Built on .NET