Post-exploitation tunneling and pivoting: use SSH, SOCKS, HTTP(S), and other tunnels to route traffic through compromised hosts for lateral movement and egress when direct access is restricted.
Tunneling and pivoting are post-exploitation techniques used after you have access to a host. They let you route traffic through the compromised system to reach internal networks, bypass egress restrictions, or expose local services.
When to use: After you have a shell (or other access) on a pivot: choose a method that fits what’s available (e.g. SSH if you have SSH access), set up the tunnel or proxy, then point your tools at the forwarded port or SOCKS proxy.