Aidan Mitchell


Reverse Port Forwarding for Lateral Movement - Jul, 2023

Oftentimes on engagements, I find myself with credentialled access to a Windows host. Whether it be the product of harvesting credentials, stealing them from docs or scripts, or being provided with them as part of a collaborative exercise, the first thing I like to achieve is the ability to route network traffic via the host and to avoid having to do anything else with the host for the rest of the engagement.

Orchestrating Deployment of the Hacklab - Jul, 2022

This is a somewhat dated guide that I wrote on deploying a Windows AD Hacklab using Vagrant and Ansible. I originally published it on my own blog back in 2020 then pulled it down. In the inbetween, Andy Gill kindly let me publish it to his blog and there’s no real reason to duplicate it over here so you can read it on ZeroSec.