Pivoting in pen testing is the act of moving from host to host through successive compromises.
Pivoting is also known as lateral movement.
The tester leverages exploits to gain access to one system, then uses that system as a foothold to take over another.
Pivoting is often necessary because the second system would be unreachable, or much harder to attack, had the first system not been compromised.
What is network pivoting?
Network pivoting is the act of gaining access to other systems that are not directly accessible from the tester's starting point.
Those systems can sit on other networks or at network edge points, or on the same network, where the pivot gives the tester access to systems that were not exploitable from the original position.
Network pivoting techniques
Techniques for network pivoting rely on compromising systems that have special access.
One such system is a dual-homed host with two network cards, which gives an attacker a path into a second network.
Another is a system holding saved firewall or router credentials, which can be used to change access control lists.
Testers can also run tools locally on a compromised system to harvest user account credentials that grant access to other systems.
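From the defender's side, each pivot described above shows up as a host that receives a remote logon and then, shortly afterwards, originates a logon to a third host. The script below is an added detection example, not code from the original page; the record layout, hostnames, accounts and the 15-minute window are constructed assumptions.

```python
"""Flag candidate pivot chains in logon records (added defensive example).

A host that is the destination of one logon and, within a short window, the
source of another is a pivot candidate. Record format and sample values are
constructed assumptions, not data from any real environment.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records: (timestamp, source host, destination host, account).
SAMPLE_LOGONS = [
    ("2024-03-01T09:00:00", "workstation-12", "jump-host-1", "alice"),
    ("2024-03-01T09:02:30", "jump-host-1", "db-server-3", "svc_backup"),
    ("2024-03-01T09:03:10", "db-server-3", "fileserver-7", "svc_backup"),
    ("2024-03-01T11:45:00", "workstation-12", "fileserver-7", "alice"),
    ("2024-03-01T15:00:00", "jump-host-1", "web-server-2", "bob"),  # no recent inbound logon
]


def parse_logons(records):
    """Convert the ISO timestamps to datetimes so they sort and subtract cleanly."""
    return [(datetime.fromisoformat(ts), src, dst, user) for ts, src, dst, user in records]


def find_pivot_chains(records, window=timedelta(minutes=15)):
    """Return (first_hop, second_hop) pairs where the destination of the first
    logon becomes the source of a later logon within `window`."""
    logons = sorted(parse_logons(records))  # chronological order
    inbound = defaultdict(list)  # destination host -> logons that landed there
    chains = []
    for ts, src, dst, user in logons:
        # Any earlier logon *into* src that is still inside the window makes
        # this outbound logon the second hop of a candidate pivot chain.
        for prev in inbound[src]:
            if ts - prev[0] <= window:
                chains.append((prev, (ts, src, dst, user)))
        inbound[dst].append((ts, src, dst, user))
    return chains


def pivot_hosts(chains):
    """Hosts that sit in the middle of at least one chain, i.e. pivot candidates."""
    return sorted({second[1] for _, second in chains})


if __name__ == "__main__":
    found = find_pivot_chains(SAMPLE_LOGONS)
    for first, second in found:
        print(f"{first[1]} -> {first[2]} -> {second[2]} (accounts {first[3]}, {second[3]})")
    print("pivot candidates:", pivot_hosts(found))
```

On the sample data this reports jump-host-1 and db-server-3 as pivot candidates, while the afternoon logon from jump-host-1 is ignored because no inbound logon precedes it within the window.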
Pivoting vs lateral movement
Lateral movement is the act of spreading through an environment by pivoting from system to system. In a sense the two terms describe the same thing; lateral movement simply tends to involve multiple pivots.
Pivoting in pen tests and red team exercises
A good pen test or red team exercise allows the testers to pivot through the environment.
This gives a better sense of what an attacker can actually do, beyond just scanning for vulnerabilities. It provides an attack narrative and maps to the steps of the MITRE ATT&CK framework.