Methods of Attack
Building off of domains of attack, and mechanisms of attack, MITRE also created an unbelievable resource that provides a way of looking at how those mechanisms are applied to the various domains of attack. Unsurprisingly, it is called ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge). This is the real world, practical application of these theories and it lists out the many many many ways that bad guys get in.
This resource will take a prohibitively long time to go through, and honestly deserves its own course. But if you don't know what each of the items described in it means, you will be hurting in the long term. For now, it is a bunch of stuff that is good for you to have an understanding that they exist.
We are going to have you read through all of this to help your brain understand what is possible. Consider it a crash course in evil.
- For the items in Initial Access, write one sentence summarizing how the attack works.
Execution has a lot of complicated things that do not require understanding yet. For now, just write one sentence for the following items:
Exploitation for Client Execution
- Service Execution
- User Execution
- Script Execution (this is not it's own specific item, but you'll be able to figure it out)
Operating System Execution (this isn't either)
Read through Persistence, but don't worry about understanding most of it. There's a lot of useful technical things in there, but this will help you see words and just familiarize yourself with it.
- Same with Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Exfiltration, Command and Control.... this requires more work... but really just read it and ignore the things that don't make sense. It's good practice.
Skip Pre-Attack for now. (https://attack.mitre.org/pre-attack/index.php/Main_Page) It requires its own stuff, lot of work to do.