Cyber Kill Chain


The term kill chain was originally used as a military concept related to the structure of an attack, consisting of target identification, force dispatch to target, decision and order to attack the target, and finally the destruction of the target.

Steps for attack

Reconnaissance

1) Reconnaissance:- Harvesting email addresses, conference information, etc.; gathering information about the particular organization.

Weaponization

2) Weaponization:- Weaponization has 2 parts: 1) exploit 2) payload
   Exploit:- Entering into the system through a backdoor.
   Payload:- Assigns what is to be done after entering the system.

Delivery

3) Delivery:- Delivering the weaponized bundle to the victim via email, web, USB, etc.

Exploitation

4) Exploitation:- Exploiting a vulnerability to execute code on the victim's system.

Installation

5) Installation:- Installing malware on the asset and gaining access to the victim's system.

Command & Control (C2)

6) Command & Control (C2):- After the malware is installed on the victim's system, a command channel is established for remote manipulation of the victim.

Action On Objectives

7) Action On Objectives:- With 'hands on keyboard' access, intruders accomplish their original goals.
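
Because the seven steps above are ordered, a defender can tag each alert with its step and see how far an intrusion has progressed on each host. The following is an added example, not part of the original page: the host names, alert descriptions and function names are constructed for illustration.

```python
from collections import defaultdict

# The seven phases, in the order the page lists them.
PHASES = [
    "Reconnaissance", "Weaponization", "Delivery", "Exploitation",
    "Installation", "Command & Control (C2)", "Action On Objectives",
]
RANK = {name: i for i, name in enumerate(PHASES)}

# Constructed sample alerts: (host, phase, description). Not real data.
SAMPLE_ALERTS = [
    ("ws-014", "Delivery", "mail gateway flagged attachment"),
    ("ws-014", "Installation", "new autorun entry created"),
    ("ws-014", "Command & Control (C2)", "periodic outbound connection to unknown host"),
    ("srv-02", "Reconnaissance", "external scan of public services"),
    ("ws-031", "Delivery", "user reported suspicious email"),
    ("ws-031", "Exploitation", "document viewer spawned a shell"),
]

def summarize(alerts):
    """Per host: deepest phase seen and earlier phases with no alert."""
    seen = defaultdict(set)
    for host, phase, _desc in alerts:
        if phase not in RANK:
            raise ValueError(f"unknown phase: {phase!r}")
        seen[host].add(phase)
    report = {}
    for host, phases in seen.items():
        deepest = max(phases, key=RANK.__getitem__)
        # Weaponization is prepared on the attacker's side, so a defender
        # does not observe it directly; it is not counted as a gap.
        gaps = [p for p in PHASES[:RANK[deepest]]
                if p not in phases and p != "Weaponization"]
        report[host] = {"deepest": deepest, "gaps": gaps}
    return report

def triage_order(report):
    """Hosts sorted so the furthest-progressed intrusion comes first."""
    return sorted(report, key=lambda h: RANK[report[h]["deepest"]], reverse=True)

if __name__ == "__main__":
    rep = summarize(SAMPLE_ALERTS)
    for host in triage_order(rep):
        print(host, rep[host])
```

The "gaps" list names earlier steps that must have happened but produced no alert, which points at missing visibility rather than missing activity.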


