Lateral Movement
Explore 10 curated tools and resources
Search tools and resources by name, description, or purpose... (⌘+K)
PINNED
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
LATEST ADDITIONS
Abusing the COM Registry Structure: CLSID, LocalServer32, & InprocServer32
Abusing the COM Registry Structure: CLSID, LocalServer32, & InprocServer32
An exploration of a new method to abuse DCOM for remote payload execution and lateral movement.
An exploration of a new method to abuse DCOM for remote payload execution and lateral movement.
A report on detecting lateral movement through tracking event logs, updated to include analysis of various tools and commands used by attackers.
A report on detecting lateral movement through tracking event logs, updated to include analysis of various tools and commands used by attackers.
A post-exploitation framework designed to operate covertly on heavily monitored environments.
A post-exploitation framework designed to operate covertly on heavily monitored environments.
A comprehensive guide to incident response, providing effective techniques for responding to advanced attacks against local and remote network resources.
A comprehensive guide to incident response, providing effective techniques for responding to advanced attacks against local and remote network resources.
Research project on bypassing default Falco ruleset with Dockerfile for sshayb/fuber:latest image.
Research project on bypassing default Falco ruleset with Dockerfile for sshayb/fuber:latest image.
A blog post about abusing exported functions and exposed DCOM interfaces for pass-thru command execution and lateral movement
A blog post about abusing exported functions and exposed DCOM interfaces for pass-thru command execution and lateral movement
Cheat sheet with common enumeration and attack methods for Windows Active Directory.
Cheat sheet with common enumeration and attack methods for Windows Active Directory.
TeamTNT is modifying its malicious shell scripts after they were made public by security researchers.
TeamTNT is modifying its malicious shell scripts after they were made public by security researchers.
A proxy aware C2 framework for penetration testing, red teaming, post-exploitation, and lateral movement with modular format and highly configurable payloads.
A proxy aware C2 framework for penetration testing, red teaming, post-exploitation, and lateral movement with modular format and highly configurable payloads.