killchain-compendium/Miscellaneous/Killchains.md

Security Killchains

Frameworks of killchains are inherited from the military and separate steps in which an attack occurs.

Lockheed & Martin

• Lockheed & Martin's Cyber Kill Chain Website

1. Reconnaissance
2. Weaponization
3. Delivery
4. Exploitation
5. Installation
6. Command & Control
7. Actions on Objectives

Mitre ATT&CK Matrix

Mitre ATT&CK is a matrix of Tactics, Techniques and Procedures (TTP) of adversaries called Adanced Persistent Threats (APT). The tactics are

1. Reconnaissance
2. Resource Development
3. Initial Access
4. Execution
5. Persistence
6. Privilege Escalation
7. Defense Evasion
8. Credential Access
9. Discovery
10. Lateral Movement
11. Collection
12. Command and Control
13. Exfiltration
14. Impact

Crowdstrike as a threat intelligence tool is built on the Mitre ATT&CK framework.

Unified Cyber Kill Chain

The Unified Cyber Kill Chain is the youngest and
most detailed framework and builds upon the other frameworks. It contains combined
stages which are seen as lifecycles with potentially repeatable steps.

1. Reconnaissance
2. Weaponization
3. Delivery
4. Socical Engineering
5. Exploitation
6. Persistance
7. Defense Evation
8. Command & Control
9. Pivoting
10. Discovery
11. Privilege Escalation
12. Execution
13. Credential Access
14. Lateral Movement
15. Collection
16. Exfiltration
17. Impact
18. Objectives

Mentioned lifecycles are Inital Foothold, Network Propagation and
Actions on Objective