Lateral movement
Lateral movement is the process of pivoting from a compromised system to other systems in the same or different subnets of the environment. It is an important step in maintaining access because it lets you move around the environment and obtain additional credentials, which makes it difficult for system admins or remediation teams to remove your access completely without proper scoping. The following diagram shows lateral movement after initial exploitation.

Figure 7.3 – Lateral movement (Source:
Now let’s look at a lateral movement tool, Evil-WinRM, next.
Evil-WinRM is an open source tool that can help with connecting to remote systems using Windows Remote Management (WinRM...
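
Seen from the defender's side, lateral movement over WinRM tends to show up as one source host opening WinRM sessions to several different hosts within a short time. The following sketch is an added example, not from the original text or the Evil-WinRM project: the flow records, addresses, threshold and window are constructed assumptions, and 5985/5986 are the default WinRM listener ports.

```python
import csv
from collections import defaultdict, deque
from datetime import datetime, timedelta
from io import StringIO

WINRM_PORTS = {5985, 5986}  # default WinRM listeners (HTTP, HTTPS)

# Constructed flow records for illustration: timestamp,src,dst,dst_port
SAMPLE_FLOWS = """\
2024-01-10T08:00:00,10.0.1.77,10.0.2.10,5986
2024-01-10T09:00:00,10.0.1.5,10.0.2.10,5985
2024-01-10T10:00:00,10.0.1.77,10.0.2.11,5986
2024-01-10T11:00:00,10.0.1.5,10.0.2.11,5985
2024-01-10T12:00:00,10.0.1.77,10.0.2.12,5986
2024-01-10T13:00:00,10.0.1.40,10.0.2.10,443
2024-01-10T13:01:00,10.0.1.40,10.0.2.11,443
2024-01-10T13:02:00,10.0.1.40,10.0.2.12,443
2024-01-10T14:01:00,10.0.1.23,10.0.2.10,5985
2024-01-10T14:03:00,10.0.1.23,10.0.2.11,5985
2024-01-10T14:04:00,10.0.1.23,10.0.2.12,5985
2024-01-10T14:06:00,10.0.1.23,10.0.3.7,5986
"""

def winrm_fanout(flow_csv, threshold=3, window=timedelta(minutes=10)):
    """Return {src: sorted dsts} for every source that opened WinRM
    connections to >= threshold distinct hosts inside one sliding window."""
    recent = defaultdict(deque)  # src -> (timestamp, dst) pairs still in window
    alerts = {}
    rows = sorted((r for r in csv.reader(StringIO(flow_csv)) if r),
                  key=lambda r: r[0])  # ISO timestamps sort lexically
    for ts_raw, src, dst, dport in rows:
        if int(dport) not in WINRM_PORTS:
            continue  # not a WinRM listener port, ignore
        ts = datetime.fromisoformat(ts_raw)
        seen = recent[src]
        seen.append((ts, dst))
        while ts - seen[0][0] > window:  # drop connections older than window
            seen.popleft()
        dsts = {d for _, d in seen}
        if len(dsts) >= threshold:
            alerts.setdefault(src, set()).update(dsts)
    return {src: sorted(d) for src, d in alerts.items()}

if __name__ == "__main__":
    for src, dsts in winrm_fanout(SAMPLE_FLOWS).items():
        print(f"WinRM fan-out from {src}: {', '.join(dsts)}")
```

Hosts that legitimately manage many systems over WinRM, such as jump hosts or configuration management servers, will trip the same rule and need an allowlist.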