Attackers are increasingly living off the land; They are using tools that are already installed on the systems in the environment. Not creating new files or malware means that it is more difficult to detect such attacks using traditional techniques. This talk focuses on techniques that attackers use to move laterally and how to detect and hunt for such activity. This talk is second in a series of talks on Threat hunting. The first part of this series is available here.