Tunneling and port forwarding tools used during red teaming assessments

Infosec Institute

Security experts traverse network boundaries to access internal infrastructure and sensitive information, even in the most protected and secure environments. With tunneling and port-forwarding methods, a pivot machine inside the internal network can be used as a bounce machine to reach other unrouted networks, critical devices, Active Directory assets (including the AD controller), and the whole perimeter.

Most Popular Tools

Sshuttle

Sshuttle is a transparent proxy server over SSH that works as a simple VPN. It doesn't require admin access and forwards the traffic over the SSH protocol. This tool also supports DNS tunneling when TCP communication is blocked by default.

To route traffic via the pivot, we can use the following command:

sshuttle -r ptavares@

After that, sshuttle will create the iptables rules, and the communication can be done by using a command like this:

curl --head

URL: https://github.com/sshuttle/sshuttle

SSH Tunneling

If you find a way to communicate with the SSH server installed on the target server, connect with the -D flag. With this parameter in place, the tool will spawn a SOCKS server on the client side.
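A defender-side check for the -D case above, added here as an example that is not part of the original article: it parses sshd_config text and reports where dynamic forwarding is permitted, globally or through a Match block. The sample configuration and function names are constructed for illustration; the defaults are OpenSSH's documented ones.

```python
# Added example: report where an sshd_config permits `ssh -D` dynamic forwarding.
# Defaults are OpenSSH's documented ones; SAMPLE is constructed, not from a real host.
DEFAULTS = {"allowtcpforwarding": "yes", "permitopen": "any"}

SAMPLE = """\
AllowTcpForwarding no
AllowTcpForwarding yes
Match User deploy
    AllowTcpForwarding local
    PermitOpen 10.0.0.5:5432
Match Group admins
    AllowTcpForwarding yes
"""


def parse(config_text):
    """Split the config into global settings and per-Match overrides."""
    global_cfg, matches, current = {}, [], None
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        keyword, *rest = line.split(None, 1)
        keyword = keyword.lower()              # keywords are case-insensitive
        value = rest[0].strip() if rest else ""
        if keyword == "match":
            current = {}                       # block runs until the next Match
            matches.append((value, current))
        elif keyword in DEFAULTS:
            # sshd keeps the first value it reads for a keyword
            (global_cfg if current is None else current).setdefault(keyword, value)
    return global_cfg, matches


def describe(scope, cfg):
    """Return a finding if cfg lets a client open a -D SOCKS pivot, else None."""
    if cfg["allowtcpforwarding"] not in ("yes", "all", "local"):
        return None                            # "no" and "remote" both block -D
    if cfg["permitopen"] == "none":
        return None
    if cfg["permitopen"] == "any":
        return f"{scope}: -D permitted to any destination"
    return f"{scope}: -D permitted, limited to {cfg['permitopen']}"


def audit(config_text):
    """List every scope (global or Match block) in which -D would work."""
    global_cfg, matches = parse(config_text)
    base = {**DEFAULTS, **global_cfg}
    scopes = [("global", base)]
    scopes += [(f"Match {crit}", {**base, **over}) for crit, over in matches]
    return [f for f in (describe(s, c) for s, c in scopes) if f]
```

These directives control only SSH's own forwarding. sshuttle runs a helper through an ordinary session on the server, so limiting it means limiting shell access for the account.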

Read More: https://resources.infosecinstitute.com/topic/tunneling-and-port-forwarding-tools-used-during-red-teaming-assessments/