From Wikibooks, open books for an open world
Jump to navigation Jump to search


Denial-of-service attack
Downgrade attack to impose usage of weaker protection. For example POODLE attack.
Brute-force attack
Exploit vulnerabilities
Crack authorization
Cracking of wireless networks
Session hijacking by theft of a session key
Spoofing attacks: DNS spoofing, ARP spoofing, MAC spoofing
Fuzzing to crack trust boundaries
Man-in-the-middle attack.
Privilege escalation

Stages of The unified kill chain related to penetration stage:

3. Delivery - Techniques resulting in the transmission of a weaponized object to the targeted environment.
4. Social engineering - Techniques aimed at the manipulation of people to perform unsafe actions.
6. Persistence - Any access, action or change to a system that gives an attacker persistent presence on the system.
7. Defense evasion - Techniques an attacker may specifically use for evading detection or avoiding other defenses.
8. Command & control - Techniques that allow attackers to communicate with controlled systems within a target network.
11. Privilege escalation - The result of techniques that provide an attacker with higher permissions on a system or network.
12. Execution - Techniques that result in execution of attacker-controlled code on a local or remote system.
13. Credential access - Techniques resulting in the access of, or control over, system, service or domain credentials.
14. Lateral movement - Techniques that enable an adversary to horizontally access and control other remote systems.

bettercap net.fuzz

See also: