HackTheCore

Network // Internal Operations

Internal Operations

This domain focuses on internal network assessment, host-to-host movement, credential abuse, enterprise visibility, command-and-control tradecraft and the operator decisions that connect initial access to meaningful impact.

15 notescurated referencespublic research surface

Domain overview

This domain focuses on infrastructure, trust relationships and movement through enterprise environments. Enumeration quality, credential handling, lateral movement, pivoting and evidence discipline are central here.

Related certification context

These certifications are useful orientation points for this domain and are included as context, not as gatekeeping.

  • OffSec OSCP+ / PEN-200Foundational penetration-testing workflow, exploitation discipline and reporting under pressure.
  • OffSec OSEP / PEN-300Advanced internal operations, evasion, pivoting and mature operator tradecraft.

Curated public references

Brief index

brief

Introduction

Infrastructure-facing techniques for enumeration, access, movement and evidence-led validation.

2 focus points0 links
brief

Network Pentesting Theory

Infrastructure-facing techniques for enumeration, access, movement and evidence-led validation.

7 focus points2 links
brief

Network Pentesting Practice

Hands-on internal testing patterns for enumeration, footholds, validation and targeted exploitation.

10 focus points6 links
brief

Password Cracking

Wordlists, profiling, hash formats and the trade-offs between offline cracking and online guessing.

9 focus points0 links
brief

Active Directory Pentesting

Trust mapping, attack-path discovery, authentication abuse and post-compromise movement inside Windows domains.

10 focus points8 links
brief

C2 Frameworks

Infrastructure-facing techniques for enumeration, access, movement and evidence-led validation.

10 focus points21 link
brief

Thick Client Pentesting

Client-side review of rich applications, local storage, protocol handling and trust assumptions.

8 focus points0 links
brief

Exploit Pack

Infrastructure-facing techniques for enumeration, access, movement and evidence-led validation.

2 focus points2 links
brief

Persistence

Infrastructure-facing techniques for enumeration, access, movement and evidence-led validation.

10 focus points3 links
brief

Pivoting & Portforwarding

Industrial protocols, safety constraints and legacy trust assumptions in operational environments.

10 focus points2 links
brief

Powerview Quick Reference

Infrastructure-facing techniques for enumeration, access, movement and evidence-led validation.

1 focus point0 links
brief

Cobalt Strike Quick Reference

Infrastructure-facing techniques for enumeration, access, movement and evidence-led validation.

1 focus point0 links
brief

Quick Reference

Infrastructure-facing techniques for enumeration, access, movement and evidence-led validation.

10 focus points0 links