Finding and researching vulnerabilities is a skill paramount to the success of both offensive and defensive operations. Not every vulnerability will have a patch that works in a defender's environment, but there are often publicly available proofs of concept that reveal the mechanism of the vulnerability. Understanding this mechanism allows for customized, precise, and effective mitigation. It also allows defenders to find similar unreported vulnerabilities on other systems. On the flip side, understanding the mechanism of a vulnerability allows attackers to exploit systems with said vulnerability, and can lead to further discovery of similar vulnerabilities.
Understand Initial Access
Understand process to conduct research to pair vulnerability to exploit
Identify requirements to accomplish a mission's objectives
What is initial access?
What is now the most common method for gaining initial access?
Phishing!
What are some other techniques to gain initial access?
Transition from reconnaissance to weaponization
Leverage intelligence/data about network
Pair vulnerabilities to exploits
Align exploits to operational objectives
Open sources
Organizational capabilities
Mission objectives drive requirements
Collection
Effects
Additional functionality to fulfill requirements
Communications security (COMSEC)
Exploit development occurs from vulnerability pairing and mission-driven requirements
Test and verify success
Testing provides a number of benefits:
Faster time to break out of initial foothold
Reduced risk of detection and/or tool failure
Improved recovery times
Procure hardware and software
Assign developer
Assign a tester to develop TTPs and break it
Document testing results
Testing environment