Lateral movement consists of techniques that enable an adversary to
access and control remote systems on a network and could, but does not
necessarily, include execution of tools on remote systems. The lateral
movement techniques could allow an adversary to gather information from a
system without needing additional tools, such as a remote access tool.
An adversary can use lateral movement for many purposes, including remote execution of tools, pivoting to additional systems, access to specific information or files, access to additional credentials, or to cause an effect. The ability to remotely execute scripts or code can be a feature of adversary remote access tools, but adversaries may also reduce their tool footprint on the network by using legitimate credentials alongside inherent network and operating system functionality to remotely connect to systems.
https://www.powershellempire.com/?page_id=122
https://blog.cobaltstrike.com/2014/04/30/lateral-movement-with-high-latency-cc/