Discovery and Lateral Movement

In this chapter, you will learn how to

•  Identify operating system tools that can be used by attackers for information gathering

•  Use open source tools and techniques to gain target situational awareness

•  Execute techniques for moving laterally within an organization



During a pentesting engagement, once you have fortified your beachhead on a target system and pilfered user credentials, your next goal is to pivot to other systems within the network. Pivoting refers to using your beachhead as a gateway to other areas of the target organization’s network. Just as computer networks have default gateways to other networks, you can think of your initial access point as the default gateway to accomplish ...

Get GPEN GIAC Certified Penetration Tester All-in-One Exam Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.