Breaking the Kill Chain

Breaking The Kill Chain: A Defensive Approach - YouTube

  1. Reconnaissance
    1. Goal: Find a weakness to exploit
    2. Two kinds of reconnaissance
      1. Passive
        1. WHOIS
        2. ARIN registration
        3. Google
        4. Shodan
        5. Job listings
        6. Company Website
      2. Active
        1. Nmap
        2. Port Scanning
        3. Banner Grabbing
        4. Vulnerability Scanners
    3. Protection
      1. Passive
        1. Limit public information
        2. Educate employees on acceptable social media use
        3. Suppress verbose error messages on public-facing services
      2. Active
        1. Disable unused ports/services
        2. Honeypots
        3. Firewalls
        4. IPS
        5. Block inbound traffic from Tor and third-party VPNs
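The active-reconnaissance techniques above (Nmap, port scanning) are exactly what the IPS and firewall controls listed under "Protection" are meant to catch. As an added illustration that is not part of the talk or these notes, the script below runs a simple scan heuristic over constructed firewall log lines: a source that touches many distinct ports on one host inside a short sliding window is flagged, while a busy but legitimate client and a slow probe spread out over minutes are not. The log format, IP addresses, threshold and window are all assumptions.

```python
"""Flag Nmap-style port sweeps in firewall logs (added example, not from the talk).
Reports any source touching >= PORT_THRESHOLD distinct ports on one host inside a
sliding WINDOW, the heuristic an IPS uses to spot active reconnaissance.
"""
from collections import defaultdict
from datetime import datetime, timedelta

PORT_THRESHOLD = 10              # distinct ports per (src, dst) that count as a scan
WINDOW = timedelta(seconds=60)   # sliding window the ports must fall inside

# Constructed sample log lines: <ISO timestamp> SRC=<ip> DST=<ip> DPT=<port> ACTION=<...>
_PORTS = [21, 22, 23, 25, 53, 80, 110, 143, 443, 445, 3389, 8080]
SAMPLE_LOG = (
    # scanner: 12 distinct ports on one host within 12 seconds
    [f"2024-05-01T10:00:{i:02d} SRC=203.0.113.5 DST=192.0.2.10 DPT={p} ACTION=DROP"
     for i, p in enumerate(_PORTS)]
    # normal client: 16 connections, but only two ports
    + [f"2024-05-01T10:00:{i:02d} SRC=198.51.100.7 DST=192.0.2.10 DPT={p} ACTION=ACCEPT"
       for i, p in enumerate([80, 443] * 8)]
    # slow probe: same 12 ports, one per minute, so never 10 inside a 60 s window
    + [f"2024-05-01T11:{i:02d}:00 SRC=203.0.113.9 DST=192.0.2.10 DPT={p} ACTION=DROP"
       for i, p in enumerate(_PORTS)]
)

def parse_line(line):
    """Split one log line into (timestamp, src, dst, dport)."""
    ts, rest = line.split(" ", 1)
    fields = dict(kv.split("=", 1) for kv in rest.split())
    return datetime.fromisoformat(ts), fields["SRC"], fields["DST"], int(fields["DPT"])

def find_scanners(lines, threshold=PORT_THRESHOLD, window=WINDOW):
    """Return {(src, dst): all ports touched} for pairs that reach the threshold."""
    events = defaultdict(list)
    for line in lines:
        ts, src, dst, port = parse_line(line)
        events[(src, dst)].append((ts, port))
    hits = {}
    for key, evs in events.items():
        evs.sort()                       # sliding window needs time order
        start = 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:
                start += 1               # drop events older than the window
            if len({p for _, p in evs[start:end + 1]}) >= threshold:
                hits[key] = sorted({p for _, p in evs})
                break
    return hits

if __name__ == "__main__":
    for (src, dst), ports in find_scanners(SAMPLE_LOG).items():
        print(f"possible scan from {src} against {dst}: ports {ports}")
```

Widening the window (for example to 15 minutes) also catches the slow probe, at the cost of more false positives from chatty legitimate hosts.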
  2. Weaponization
    1. Goal: Find or create the attack to exploit the weakness
    2. Common tools
      1. Cain & Abel
      2. sqlmap
      3. Aircrack-ng
      4. Maltego
      5. Metasploit
      6. Exploit-DB
      7. Veil Framework
      8. Social-Engineer Toolkit (SET)
      9. Wapiti
      10. Burp Suite
      11. TheFatRat
    3. Defensive Measures
      1. Administrative controls
        1. Patch management
          1. Most breaches are caused by known vulnerabilities
        2. Disable common vectors
          1. Office macros, JavaScript, browser plugins, etc.
      2. Technical Controls
        1. Antivirus, IPS, email security, MFA, audit logging, etc.
  3. Delivery
  4. Exploitation
  5. Installation
  6. Command and Control
  7. Actions on Objective