Cyber Kill Chain Framework
The Cyber Kill Chain®'s seven steps provide visibility into an attack and deepen
an analyst's understanding of an adversary's tactics, techniques, and procedures.
1. RECONNAISSANCE--→
WAYS TO DO RECONNAISSANCE→
During reconnaissance work, the following sources of information are often used:
TOOLS→
• Nmap
• Metasploit
• Wireshark
• Shodan
• Nessus
• OpenVAS
• Maltego
• DMitry
• Hawkscan
• Traceroute NG
• Nslookup
• Recon-ng
2. WEAPONIZATION--→
WAYS OF WEAPONIZATION →
Weaponization can include creating new types of malware or modifying existing tools
to use in a cyberattack. For example, cybercriminals may make minor modifications
to an existing ransomware variant to create a new Cyber Kill Chain tool.
3. DELIVERY--→
In the delivery phase, users are reached by hacking into a target's
network and using other Cyber Kill Chain technologies. Delivery may
involve sending phishing emails with malware attachments and clickbait
subject lines to users. Delivery may also involve breaking into a
company's network and infiltrating it using a hardware or software
weakness.
4. EXPLOITATION--→
After the successful distribution of malware or other types of hacking, the
next step is for attackers to exploit the vulnerabilities they discovered in
the earlier stages of the cyber kill chain. Attackers can now penetrate a
target's network further and discover new vulnerabilities that they were
not aware of when they first got in.
5. INSTALLATION--→
• Trojan horses
• Access token manipulation
• Command-line interfaces
• Backdoors
6. COMMAND AND CONTROL--→
One of the crucial steps of the cyber security kill chain is the development
of a command and control channel (also known as the C2 phase). After
gaining control of part of their target's system or accounts, the attacker can
now track, monitor and guide their deployed cyberweapons and tool stacks
remotely. This stage can be broken down into two methods:
7. ACTION ON OBJECTIVES--→
PREPARED BY: NAVNEET NAYAK