5 Gaining Access to the Network

Previously, in Chapter 2, we started the discussion of a unified kill chain for sophisticated attacks and its main phases:

Phase 1 – Gaining an initial foothold
Phase 2 – Maintaining enterprise-wide access and visibility
Phase 3 – Impact

Now, it is time to dive deeper into each phase and stage described before.

In this chapter, we will cover the intricacies of the first stage, Phase 1 – gaining an initial foothold. This phase is very important because it lays the foundation for maneuvering and scaling up the threat’s presence in the target infrastructure. We will scrutinize the most popular techniques used by threat actors to gain initial access to the network, such as exploiting public-facing applications, ...

Get Incident Response for Windows now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Incident Response for Windows by Anatoly Tykushin, Svetlana Ostrovskaya

5

Gaining Access to the Network

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly