cyber killchains

misc/Killchains.md

@@ -0,0 +1,65 @@
+# Security Killchains
+
+Frameworks of killchains are inherited from the military and separate steps in which an attack occurs.
+
+## Lockheed & Martin 
+
+* [Lockheed & Martin's Cyber Kill Chain Website](https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html)
+
+1. Reconnaissance
+2. Weaponization
+3. Delivery
+4. Exploitation
+5. Installation
+6. Command & Control
+7. Actions on Objectives
+
+## Mitre ATT&CK Matrix
+
+[Mitre ATT&CK](https://attack.mitre.org) is a matrix of __Tactics, Techniques and Procedures (TTP)__ of adversaries called __Adanced Persistent Threats (APT)__. The tactics are
+
+1. Reconnaissance
+2. Resource Development
+3. Initial Access
+4. Execution
+5. Persistence
+6. Privilege Escalation
+7. Defense Evasion
+8. Credential Access
+9. Discovery
+10. Lateral Movement
+11. Collection
+12. Command and Control
+13. Exfiltration
+14. Impact
+
+[Crowdstrike](https://crowdstrike.com) as a threat intelligence tool is built on the Mitre ATT&CK framework.
+
+## Unified Cyber Kill Chain
+
+[The Unified Cyber Kill Chain](https://unifiedkillchain.com) is the youngest and  
+most detailed framework and builds upon the other frameworks. It contains combined  
+stages which are seen as lifecycles with potentially repeatable steps.
+
+1.  Reconnaissance
+2.  Weaponization
+3.  Delivery
+4.  Socical Engineering
+5.  Exploitation
+6.  Persistance
+7.  Defense Evation
+8.  Command & Control
+9.  Pivoting
+10. Discovery
+11. Privilege Escalation
+12. Execution
+13. Credential Access
+14. Lateral Movement
+15. Collection
+16. Exfiltration
+17. Impact
+18. Objectives
+
+Mentioned lifecycles are __Inital Foothold__, __Network Propagation__ and  
+__Actions on Objective__
+