5. Port Forwarding & Tunneling
Overview
To understand how attackers move inside a network, we first need to look at how networks are designed. Flat Networks: Easy to Build, Easy to Break In a flat network, all devices can communicate directly with each other. There are no meaningful internal boundaries. From an attacker’s perspective, this is …
Port Forwarding
Scenario Overview Imagine we are conducting a penetration test and discover a critical vulnerability on a public-facing web server. By exploiting this flaw, we achieve remote code execution, which gives us a shell on a Linux-based e-commerce web server exposed to the internet on port 8000. At this point, we already …
SSH Tunneling
Understanding SSH Tunneling What Is Tunneling? At a high level, tunneling is the practice of hiding one type of network traffic inside another as it moves across a network. Instead of sending data directly in its original form, the traffic is encapsulated within a different protocol and carried through the network …
HTTP Tunneling
Deep Packet Inspection (DPI): A Defensive Control We Must Bypass Deep Packet Inspection (DPI) is a network security technology used to closely monitor and analyze network traffic. It is commonly deployed at network perimeters—such as firewalls or network limiters—to detect intrusion patterns, policy violations, or suspicious behavior. From an attacker’s perspective, …
DNS Tunneling
Understanding DNS Tunneling In modern networks, DNS is one of the most trusted and least restricted protocols. From an attacker’s point of view, this makes it an attractive channel for covert communication, data exfiltration, and even command-and-control (C2). To understand DNS tunneling, we first need to understand how normal DNS …