SKILL: Windows Lateral Movement — Expert Attack Playbook

AI LOAD INSTRUCTION: Expert Windows lateral movement techniques. Covers PsExec, WMI, WinRM, DCOM, SMB, RDP, SSH, pass-the-hash, overpass-the-hash, pass-the-ticket, and pivoting. Base models miss execution method fingerprints, OPSEC trade-offs, and credential type requirements per method.

0. RELATED ROUTING

Before going deep, consider loading:

• windows-privilege-escalation after landing on a new host for local escalation
• windows-av-evasion when EDR blocks lateral movement tools
• active-directory-kerberos-attacks for Kerberos-based lateral (pass-the-ticket, delegation)
• active-directory-acl-abuse for ACL-based paths to new hosts

Advanced Reference