📄️ Local Port Forwarding
Local port forwarding is a technique used to redirect network traffic from a local machine to a remote target machine, often for the purpose of bypassing network restrictions or gaining access to services that would otherwise be inaccessible. It is commonly used when a pentester has access to a remote machine but wants to access an internal service behind a firewall or on a different network segment.
📄️ Remote Port Forwarding
Remote port forwarding is a technique used to redirect network traffic from a remote machine to a local machine, often to expose a local service to the remote network or bypass firewall restrictions. It is commonly used when a pentester has access to a remote machine but needs to make a local service available to the remote network or system.
📄️ Dynamic Port Forwarding
Dynamic port forwarding is a technique used to forward network traffic through a flexible tunnel, often to access multiple remote services or bypass network restrictions. It is commonly used when a pentester has access to a compromised machine and wants to route traffic to various destinations on the internal network using a single point of entry.
📄️ More Techniques
There are times when the pivot host is a Windows system instead of Linux. In such cases, we need alternatives to SSH for port forwarding and tunneling. Sometimes, we may not have a proper shell but only a reverse shell. In these scenarios, static binary tricks or other techniques might be necessary.
📄️ Ligolo-NG
Ligolo-ng is a simple, lightweight and fast tool that allows pentesters to establish tunnels from a reverse TCP/TLS connection using a tun interface (without the need for SOCKS).