Strategy: Reconnaissance

• Gathering info like system hardware info, network configuration, individual user info

Social Engineering

• Talking to employees to get them to give info

Technical approaches

• port scan
• ping sweep

Breach the system

• often achieved by using info from recon

Escalate privileges

• Primary objective
• Getting root access allows greater control on system

Create a backdoor

• Alternative method of accessing
• Hackers often create backdoors

Stage Computers

• Involves preparing it to perform additional tasks in the attack

Exploit Vulnerabilities

• Data exfiltration - unauthorized copying of data
• Input validation - passes invalid data which causes unexpected behavior