Kill Chain

Kill Chain Overview

Lockheed Martin developed the first kill chain map, but a few iterations have come along since. The following cyber kill chains are made by Varonis and Cytomic. Both are good.

Or even this one which divides External and Internal kill chains.

All you need is access

Note: Not my favorite way of hacking, but it is still very interesting. It can always be fun to phish with a malware/trollware-infected USB or to keylog/tap into a line. In reality, this will probably never happen while doing a pentest, at least not a web-application/infrastructure test. I would assume that government-based hacking groups are very into hardware hacking for very obvious reasons: when you have a good amount of money and your hands in major electronic/distribution companies, it becomes a very scalable and scary attack vector.

Don't peek, don't peek! proceeds to peek

There is no penetration testing without recon. Learn to scan properly to avoid getting blacklisted or detected by an IDS.

Network scanning is an integral part of hacking. I would say that 95% of penetration tests will have some kind of scan involved, ranging from port scans and directory fuzzing to intrusive SQL injection scans.

Let's have a look inside.

root

Having a foot in a box is good but usually pretty limited. It is always a nice thing to elevate our privileges and capabilities.

Persistence, C2, exfiltration, all the good stuff

Depending on the scenario, you might want to implement some form of backdoor and be able to come back whenever you want or can.
