filmov
tv
Real Hacking: Learn The Cyber Kill Chain
Показать описание
The cyber kill chain is a 7-step process to hack into targets. Examples of targets might include devices, networks, or organizations. Just as how computer networking has a conceptual model of layers, hacking has phases. The violent “kill” aspect of the term stems from its heritage in military operations. It all starts of with:
(1) Reconnaissance. There's never enough scouting and research to prep in advance before an engagement. Reconnaissance doesn't mean host and port scanning and service enumeration. It can also include methods OSINT, in-person scouting, and pattern-of-life analysis. The more diligence performed at the recon stage, the easier it is to hack later on in the cyber kill chain.
(2) Weaponization. This might be the most involved stage of the cyber kill chain. A better word might be "payload-ization." Cyber tools aren't kinetic weapons that create kinetic destruction. Rather they are more like spells to give the caster access and influence over a target. To hack, you need both an exploit and a payload. The exploit lets you take control over the thread of execution for a victim process. The payload is the code you want to run on top of the hijacked process. Often, for client-side attacks, you’ll have to hide both in a benign file or webpage to have a user start the hack.
(3) Delivery. There's a lot of ways to send data from Point A to Point B. Getting remote execution at the same time is the hard part. Sometimes this involves co-opting a user to help you. Other times you can fire off an exploit at a running service directly across the Internet. In some cases, you can have malware installed on a system en-route from the factory. Client-side, service-side, and supply-chain attacks are all forms of delivery methods.
(4) Exploitation. The point of code execution is where all the magic happens. This determines whether the hack actually succeeds. But exploitation isn't just a singular event. There's a ton of engineering time required to turn a proof-of-concept into a reliable tool. Bypassing memory protections or sandboxing methods are examples of feats needed for execution.
(5) Installation. Hacking is much more than remote access. It means maintaining persistence so you can access on-demand. Hand-in-hand with installation in the cyber kill chain is maintaining persistence. To survive a reboot or even re-format is important to make sure the previous steps don't go to waste. Persistence does increase the potential for detection though. Memory-only installation, rootkits, encrypted virtual file systems are some ways to maintain stealth.
(6) Command & Control. E.T. needs to phone home. If there's a network, the problem lies in keeping stealthy. If there's no network, then the problem lies phoning home without a phone. The C2 aspect of the cyber kill chain determines successful follow-on objectives. If you can’t communicate without detection, it'll be a short-lived hacking operation.
(7) Actions on the Objective. Real hacking always has a purpose to it. There’s little point in all the hard work of Steps 1-6 of the cyber kill chain if there’s no end-state to achieve. Depending on the threat actor, it can be for intel gathering, espionage, or financial gain. The actions on the objectives should support the end state. Tactically, this may be stealing data and expanding access to other devices.
----- RESOURCES -----
Intelligence-Driven Computer Network Defense, Lockheed Martin:
The Unified Kill Chain, Paul Pols:
00:00 Different Levels of Warfare and Cyber Operations
00:46 The Cyber Kill Chain Framework
01:41 How Hacking Parallels Military Operations
02:42 Step 1: Reconnaissance
04:23 Step 2: Weaponization
05:53 Step 3: Delivery
08:18 Step 4: Exploitation
09:35 Step 5: installation
10:52 Step 6: Command-and-Control
12:55 Step 7: Actions on the Objective
13:21 Strategic Considerations of Hacking
#Hacking #KillChain #Cyberspatial
(1) Reconnaissance. There's never enough scouting and research to prep in advance before an engagement. Reconnaissance doesn't mean host and port scanning and service enumeration. It can also include methods OSINT, in-person scouting, and pattern-of-life analysis. The more diligence performed at the recon stage, the easier it is to hack later on in the cyber kill chain.
(2) Weaponization. This might be the most involved stage of the cyber kill chain. A better word might be "payload-ization." Cyber tools aren't kinetic weapons that create kinetic destruction. Rather they are more like spells to give the caster access and influence over a target. To hack, you need both an exploit and a payload. The exploit lets you take control over the thread of execution for a victim process. The payload is the code you want to run on top of the hijacked process. Often, for client-side attacks, you’ll have to hide both in a benign file or webpage to have a user start the hack.
(3) Delivery. There's a lot of ways to send data from Point A to Point B. Getting remote execution at the same time is the hard part. Sometimes this involves co-opting a user to help you. Other times you can fire off an exploit at a running service directly across the Internet. In some cases, you can have malware installed on a system en-route from the factory. Client-side, service-side, and supply-chain attacks are all forms of delivery methods.
(4) Exploitation. The point of code execution is where all the magic happens. This determines whether the hack actually succeeds. But exploitation isn't just a singular event. There's a ton of engineering time required to turn a proof-of-concept into a reliable tool. Bypassing memory protections or sandboxing methods are examples of feats needed for execution.
(5) Installation. Hacking is much more than remote access. It means maintaining persistence so you can access on-demand. Hand-in-hand with installation in the cyber kill chain is maintaining persistence. To survive a reboot or even re-format is important to make sure the previous steps don't go to waste. Persistence does increase the potential for detection though. Memory-only installation, rootkits, encrypted virtual file systems are some ways to maintain stealth.
(6) Command & Control. E.T. needs to phone home. If there's a network, the problem lies in keeping stealthy. If there's no network, then the problem lies phoning home without a phone. The C2 aspect of the cyber kill chain determines successful follow-on objectives. If you can’t communicate without detection, it'll be a short-lived hacking operation.
(7) Actions on the Objective. Real hacking always has a purpose to it. There’s little point in all the hard work of Steps 1-6 of the cyber kill chain if there’s no end-state to achieve. Depending on the threat actor, it can be for intel gathering, espionage, or financial gain. The actions on the objectives should support the end state. Tactically, this may be stealing data and expanding access to other devices.
----- RESOURCES -----
Intelligence-Driven Computer Network Defense, Lockheed Martin:
The Unified Kill Chain, Paul Pols:
00:00 Different Levels of Warfare and Cyber Operations
00:46 The Cyber Kill Chain Framework
01:41 How Hacking Parallels Military Operations
02:42 Step 1: Reconnaissance
04:23 Step 2: Weaponization
05:53 Step 3: Delivery
08:18 Step 4: Exploitation
09:35 Step 5: installation
10:52 Step 6: Command-and-Control
12:55 Step 7: Actions on the Objective
13:21 Strategic Considerations of Hacking
#Hacking #KillChain #Cyberspatial
0:14:55
Real Hacking: Learn The Cyber Kill Chain
0:00:27
Hacking Knowledge
0:00:43
How Do I Learn About Hacking? #programming #lowcode #tech #codinglessons #security
0:00:21
How to be a hacker in 1 minute 😎 #shorts
0:00:19
Ethical Hacking Guide for Beginners | Learn Ethical Hacking #ytshortsindia #ethicalhacking #shorts
0:00:58
This Hacker Saved the Internet
0:00:57
You need these skills to become a hacker
0:01:01
NO.1 HACKER EXPLAINS HOW TO HACK A WIFI! #ryanmontgomery #pbdpodcast #cybersecurity
8:12:17
Microsoft Security MASTERMIND SC 900!
12:16:54
Ethical Hacking in 12 Hours - Full Course - Learn to Hack!
0:00:49
Apple Will Pay Hackers $1,000,000 For This Bug Bounty 😳
0:00:31
Hacking 🔥 Expectation vs Reality | Coding Status For WhatsApp
0:12:11
How to learn hacking for free in 2024
0:00:25
The Most Dangerous Hacker - Ryan Montgomery
0:00:16
A Day in the Life of Cyber Security | SOC Analyst | Penetration Tester | Cyber Security Training
0:00:47
COMPLETE Cybersecurity Roadmap
0:00:13
Websites to Learn Ethical Hacking for Free | Free Ethical Hacking Courses
0:00:26
The Best FREE Cyber Security Courses for Beginners
0:06:55
Introduction to Hacking | How to Start Hacking
0:00:32
BEST PROGRAMMING LANGUAGES FOR ETHICAL HACKERS
0:02:56
Watch This Russian Hacker Break Into Our Computer In Minutes | CNBC
0:00:34
Hacking into Android in 32 seconds | HID attack | Metasploit | PIN brute force PoC
0:00:32
This 15 year old boy HACKED NASA
0:00:51
Cyber Security Training for Beginners #cybersecurity #hacking
Комментарии