What is Kill Chain?

Rupert Edwards edited this page Dec 5, 2016 · 5 revisions

What is “Kill Chain”?

From Wikipedia: The term kill chain was originally used as a military concept related to the structure of an attack, consisting of target identification, force dispatch to target, decision, order to attack the target, and finally the destruction of the target.

Reconnaissance – Uses social engineering to find weaknesses in the target’s security posture.

Weaponization – Crafting attack tools for the target system.

Delivery – Delivering the attack tools to the target system.

Exploit – The malicious file, which targets vulnerabilities in an application or the operating system in order to gain control, is opened by the victim on the target system.

Installation – Remote control program installed on target system.

Command & Control – Successfully compromised hosts will create a C2 channel on the Internet to establish a connection with the C2 server.

Actions – After the preceding stages, the attacker continues to steal information about the target system, undermines the integrity and availability of information, and uses the controlled machine as a stepping stone to attack other machines, expanding the sphere of influence.
