Summary
This is a comprehensive pivot playbook for moving through compromised networks. It covers SSH tunneling in all variations (local, remote, dynamic, ProxyJump), Chisel for reverse SOCKS proxies, Ligolo-ng for TUN-based transparent routing, and egress-constrained scenarios like DNS tunneling with iodine and ICMP with ptunnel-ng. The decision matrix is the standout piece here, mapping which tool to use based on what's actually allowed outbound (TCP any port, HTTP only, DNS only, etc.). It also handles Windows-specific pivoting with netsh and plink. If you're doing red team work or need to route tools through multi-layer networks, this gives you the syntax and logic for most common scenarios without having to reconstruct it from fragmented blog posts.
Install to Claude Code
npx -y skills add yaklang/hack-skills --skill tunneling-and-pivoting --agent claude-codeInstalls into .claude/skills of the current project.
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
Files
SKILL.md
Select a file.
Featured
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →First SeenJun 3, 2026
