• Goa 2020
  • AMMO
  • PivotSuite

PivotSuite

manish-gupta

Tool Name:

PivotSuite

Speaker:

Manish Gupta

Download Link:

https://github.com/RedTeamOperations/PivotSuite



Abstract:

PivotSuite is a portable, platform independent and powerful network pivoting toolkit, Which helps Red Teamers / Penetration Testers to use a compromised system to move around inside a network. It is a Standalone Utility, Which can use as a Server or as a Client.

PivotSuite as a Server :

If the compromised host is directly accessible (Forward Connection) from Our pentest machine, Then we can run pivotsuite as a server on compromised machine and access the different subnet hosts from our pentest machine, Which was only accessible from compromised machine.

PivotSuite as a Client :

If the compromised host is behind a Firewall / NAT and isn't directly accessible from our pentest machine, Then we can run pivotsuite as a server on pentest machine and pivotsuite as a client on compromised machine for creating a reverse tunnel (Reverse Connection). Using this we can reach different subnet hosts from our pentest machine, which was only accessible from compromised machine.

Bio:

Manish Gupta is a Security Engineer, Red Team at Citrix. A part-time Bug Bounty Hunter and CTF Player. His Research interest includes Real World Cyber Attack Simulation and Advanced persistent Threat (APT). He is currently working on developing Open-Source Offensive Security Toolkit which helps Red Teamers / Penetration Testers.

Copyright © 2019-20 | Nullcon India | International Security Conference | All Rights Reserved