lateral-movement

There are 5 repositories under lateral-movement topic.

• Threekiii / Awesome-Redteam

  一个攻防知识仓库 Red Teaming and Offensive Security

  command-and-controlexecutionexploitinitial-accesslateral-movementprivilege-escalationreconnaissancered-teaming
  Language:Python 3313

• opsdisk / the_cyber_plumbers_handbook

  Free copy of The Cyber Plumber's Handbook - The definitive guide to Secure Shell (SSH) tunneling, port redirection, and bending traffic like a boss.

  sshpenetration-testingtunnelingkalioscplateral-movementsocks5proxychainsblueteamredteampivoting
  2508

• ihebski / A-Red-Teamer-diaries

  RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

  pentestingredteamsecurity-toolsexploitactive-directoryvulnerabilitypenetration-testingtoolshackingscriptlateral-movementmeterpreterprivilege-escalationcrackmapexecmimikatzcybersecurityenumerationengagementmetasploitnmap
  1673

• blackarrowsec / mssqlproxy

  mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse

  security-toolmssqlproxylateral-movementpost-exploitation
  Language:Python 705

• The-Viper-One / PsMapExec

  A PowerShell tool that takes strong inspiration from CrackMapExec / NetExec

  crackmapexechackingmimikatzpentestingpowershellactive-directoryvnclateral-movementrdpsamsprayingnetexec
  Language:PowerShell 681

• klezVirus / CheeseTools

  Self-developed tools for Lateral Movement/Code Execution

  powershell-remotingpowershellredteaminglateral-movementmssqlactive-directory-exploitation
  Language:C# 670

• blackarrowsec / pivotnacci

  A tool to make socks connections through HTTP agents

  sockspythonlateral-movementaspxjspphp
  Language:Python 643

• lawrenceamer / 0xsp-Mongoose

  a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.

  privilege-escalationtoolkitsecurity-toolssecurity-auditwindows0xsp-mongoosewebapiagentmongooseredteamingwindows-vulnerabilityredteamlateral-movementimpersonationbackdoor-attacks
  Language:Pascal 529

• S1ckB0y1337 / TokenPlayer

  Manipulating and Abusing Windows Access Tokens.

  windowswindows-privilege-escalationwindows-internalstokenswindows-securitypentest-toolpost-exploitationlateral-movementuac-bypass
  Language:C++ 255

• ZeroMemoryEx / APT38-0day-Stealer

  APT38 Tactic PoC for Stealing 0days from security professionals

  win32apircemalwarevisual-studiolazarusmalware-researchred-team0day0day-stealerapt-38north-korean-aptlateral-movement
  Language:C++ 255

• mez-0 / CSharpWinRM

  .NET 4.0 WinRM API Command Execution

  wmiwinrmcsharpcommand-executionlateral-movement
  Language:C# 160

• travisbgreen / hunting-rules

  Suricata rules for network anomaly detection

  suricata-rulesuricataidsnsmthreat-huntingcybersecurityanomaly-detectioncyber-threat-intelligencenetwork-securitynetwork-monitoringlateral-movementthreat-intelligence
  144

• mez-0 / winrmdll

  C++ WinRM API via Reflective DLL

  winrmreflective-dllcobalt-strikelateral-movementcpp
  Language:C++ 138

• Viralmaniar / HiveJack

  This tool can be used during internal penetration testing to dump Windows credentials from an already-compromised host. It allows one to dump SYSTEM, SECURITY and SAM hives and once copied to the attacker machines provides option to delete these files to clear the trace.

  infrastructure-pentestintenalpentestinternal-pentestlateral-movementpentest-toolpentestingreghivessamdumpsecretdumpsystem-hives
  Language:C# 109

• mez-0 / MoveScheduler

  .NET 4.0 Scheduled Job Lateral Movement

  ps-scheduletaskpowershelltask-schedulertaskscheduler-librarylateral-movementwmi
  Language:C# 83

• thecybermafia / OffensiveActiveDirectory

  A set of instructions, command and techniques that help during an Active Directory Assessment.

  adactive-directoryactivedirectoryoffensive-securityredteamredteamingpowershellhacking-cheasheetcommands-cheatsheetoffensiveadmicrosoft-sql-serverlateral-movementpersistenceprivescawesomeawesome-listawesome-listsawesomeadawesomeactivedirectoryawesome-activedirectory
  75

• lawrenceamer / TChopper

  conduct lateral movement attack by leveraging unfiltered services display name to smuggle binaries as chunks into the target machine

  lateral-movementredteam-toolsredteam
  Language:Pascal 49

• scipag / KleptoKitty

  Invoke-KleptoKitty - Deploys Payloads and collects credentials

  windowspowershellredteamcredentials-gatheringcredentialsevasionremote-controlremote-executionlateral-movementmimikatzlsawmipsexecwindows-remote-management
  Language:PowerShell 25

• databricks-industry-solutions / context-graph-analytics

  Time series knowledge graphs for cybersecurity

  cybersecuritygraph-analyticsidentity-resolutionknowledge-graphlateral-movementthreat-huntingdatabricks-industry-solutions
  Language:Python 14

• Hagrid29 / ReadWrite-DCOM

  Perform directory listing, read and write file on remote computer via DCOM methods

  dcomred-teaminglateral-movement
  Language:PowerShell 4

• EmilioPanti / worm

  A CALDERA plugin

  adversary-emulationcalderamitrered-teammitre-attacksecurity-testingwormlateral-movement
  Language:JavaScript 3

• idfp / go-persist

  Windows Persistence Techniques implemented in go

  golanglateral-movementred-teamwindows
  Language:Go 3

• Richl-lab / recognize-unusual-logins

  This tool is used to find anomalies or suspicious login events, especially to detect lateral movement.

  bigdatamachine-learninganomaly-detectionloginlateral-movementsuspicious-behaviours
  Language:R 3
• MITRE-ATT-CK

  AD-Attacks / MITRE-ATT-CK

  Active Directory attacks mapped to MITRE ATT&CK Framework

  active-directoryenumerationlateral-movementmitre-attackprivilege-escalationred-teaming
  2

• pyrrh1c / Start-RdpSessionTakeover

  A short script to automate the process of RDP session hijacking.

  rdpsecuritylateral-movementprivilege-escalationwindowshackinghijacking-methods
  Language:PowerShell 2

• biringaChi / SEAL

  Official Implementation of SEAL: A Secure Design Pattern Approach Toward Tackling Lateral-Injection Attacks. The 15th IEEE International Conference on Security of Information and Networks (SIN'22).

  securitysecurity-strategydelegationinjection-attackslateral-movementlateral-thinkingsqlinjectionsecure-behavioral
  Language:Python 1

• Potato-Industries / ssh.exe-windows-10-lolbas

  ssh.exe is available in windows 10 / server 2019 by default, let's LOLBAS it up!

  lateral-movementlolbasssh-clientwindows-10windows-server-2019
  1

• resiliencetheatre / nk-macsec

  Out Of Band keying of macsec (L2 encryption for LAN) with Nitrokey HSM modules.

  encryptionlateral-movementlayer2macsec
  Language:C 0

• bazilinskyy / videos-animations-crowdsourced

  Crowdsourced experiment on the use of lateral position for communication between an automated vehicle and a pedestrian.

  crowdsourcinglateral-movementautomated-drivinghuman-factorspedestrian
  Language:JavaScript

• LMscope / Jbeil

  [IEEE SP'24] The Official Implementation of "Jbeil: Temporal Graph-Based Inductive Learning to Infer Lateral Movement in Evolving Enterprise Networks"

  cybersecurityevolving-networksinductive-learninglateral-movementnetwork-securitytemporal-graph-learning
  Language:Jupyter Notebook