Multi-Hop Pivoting Chains
#Overview
When the target network has multiple segmentation layers, a single pivot is insufficient. Multi-hop chaining routes traffic through two or more compromised hosts to reach deeply segmented networks. This is common in enterprise environments with DMZ, internal, and restricted VLANs.
For basic double pivoting (SSH -J, Chisel chain), see 07 - Post-Exploitation. This section extends with complete multi-hop methodology, Docker/IPv6 pivoting, and platform-specific playbooks.
#Technique Files
| File | Covers | Complexity |
|---|---|---|
| Chaining Proxies | SSH -J chains, proxychains, Ligolo/Chisel multi-hop | Medium-High |
| Docker & IPv6 Pivoting | Docker bridge/host network, IPv6 tunnel/pivot | High |
| Platform Strategies | Linux-only, Windows-only, mixed, monitored, air-gapped | Medium |
#Cross-References
- 07 - Post-Exploitation — Foundational pivoting basics
- Tunnels & Proxies — Single-hop proxy techniques
- 09 - Lateral Movement — Post-pivot lateral movement