# Lateral Movement Admin -> System

> **Lateral movement** refers to the techniques that cyber attackers, or [threat actors](https://en.wikipedia.org/wiki/Threat_actor "Threat actor"), use to progressively move through a [network](https://en.wikipedia.org/wiki/Computer_network "Computer network") as they search for the key data and assets that are ultimately the target of their attack campaigns.<sup class="reference" id="bkmrk-%5B1%5D">[<span class="cite-bracket">\[</span>1<span class="cite-bracket">\]</span>](https://en.wikipedia.org/wiki/Lateral_movement_(cybersecurity)#cite_note-Security_Week-1)</sup><sup class="reference" id="bkmrk-%5B2%5D">[<span class="cite-bracket">\[</span>2<span class="cite-bracket">\]</span>](https://en.wikipedia.org/wiki/Lateral_movement_(cybersecurity)#cite_note-2)</sup><sup class="reference" id="bkmrk-%5B3%5D">[<span class="cite-bracket">\[</span>3<span class="cite-bracket">\]</span>](https://en.wikipedia.org/wiki/Lateral_movement_(cybersecurity)#cite_note-3)</sup> While development of more sophisticated sequences of attack has helped threat actors develop better strategies and evade detection as compared to the past, similar to planning a [heist](https://en.wikipedia.org/wiki/Theft "Theft"), cyber defenders have also learned to use lateral movement against attackers in that they use it to detect their location and respond more effectively to an attack.<sup class="reference" id="bkmrk-%5B1%5D-1">[<span class="cite-bracket">\[</span>1<span class="cite-bracket">\]</span>](https://en.wikipedia.org/wiki/Lateral_movement_(cybersecurity)#cite_note-Security_Week-1)</sup>

[Lateral movement (cybersecurity) - Wikipedia](https://en.wikipedia.org/wiki/Lateral_movement_(cybersecurity))

### PSexec Alternativen

wenn es bereits bestehende Sicherheitsmaßnahmen gibt, wie z.B. den Aufruf von \\\\live.sysinternals.com\\tools\\psexec64.exe zu verhindern.

```powershell
schtasks /create /tn RunAsSystem /tr "cmd.exe /c your_command" /sc once /st 00:00 /ru SYSTEM /f
```

- [Impacket](https://github.com/fortra/impacket) -&gt; [psexec.py](https://github.com/fortra/impacket/blob/master/examples/psexec.py) &amp; [smbexec.py](https://github.com/fortra/impacket/blob/master/examples/smbexec.py) - SMBexec soll weniger AV triggern...

```powershell
Enable-PSRemoting
$sess = New-PSSession -ComputerName <Name>
Enter-PSSession -ComputerName <Name> OR -Sessions <SessionName>
```

### Drittanbieter

- [Windows Lateral Movement with smb, psexec and alternatives | nv2lt - Scratching the Surface](https://nv2lt.github.io/windows/smb-psexec-smbexec-winexe-how-to/)
- [GitHub - S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet: A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.](https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet?tab=readme-ov-file#lateral-movement)