D9 · PenTest+

What is pivoting in pen testing?

Pivoting uses a compromised host as a relay to attack other systems not directly reachable from the attacker's machine — tunneling through the network.
Meterpreter's route command and SOCKS proxies enable pivoting. VPN-like tunnels through compromised hosts reach internal systems. Network segmentation limits pivot potential. Detect via unusual cross-segment connections.