BusinessRed TeamingHow to Leverage Internal Proxies for Lateral Movement, Firewall Evasion, and Trust Exploitation bulwarkblack11 months ago11 months ago02 mins Home OverviewThe primary tactic we will be exploring in this post is the use of proxies inside of a target network. There are a lot of different types of proxies for both offense and defense. This post will focus on Internal Proxies (MITRE 1090.001) which are a sub-technique of Proxy (MITRE 1090). We will cover how to leverage internal proxies while navigating around a target network for lateral movement, firewall evasion, trust exploitation, and defense evasion. Additionally, we will demonstrate two techniques: (1) netsh interface portproxy and (2) TCP redirectors using adversary code.The tools used in this post include:PowerShellnetshSpecterInsightBackground KnowledgeDefinitionsProxy: An application that “breaks” the connection between client and server. The proxy accepts certain types of traffic entering or leaving a network and processes it and forwards it.Redirector: A script for filtering and processing traffic in a proxy server. Redirectors can be used to reject redirection requests for certain addresses, modify the content of web pages being transmitted, or display service messages on the screen of the proxy server client.Honestly, I tend to use these terms interchangeably. Post navigation Previous: THE BUG HUNTERS METHODOLOGY LIVENext: How to protect Evilginx using Cloudflare and HTML Obfuscation
How to communicate a cyber breach to minimize reputational damage bulwarkblack9 months ago9 months ago 0