How to Help Others Be Safe Online
Weaponization/Delivery/Exploitation
Quick refresh on the steps of the killchain:
Weaponization: Once we find out what kind of vulnerabilities or protocols are running on the system we can find N-Days that we can weaponize or do vulnerability research ourselves to find 0-Days.
Delivery: This is where we decide how we will delivery our weaponized payload that will gain us access. This can be over the wire, through social engineering, or going somewhere and plugging in a USB.
Exploitation: This is where the actual code of our payload will execute allowing us to gain access to a system. Everything done after the initial execution of our code is considered post-exploitation.
To demonstrate these three steps we will be using an exploitation framework known as Metasploit. We can use Metasploit to pick N-Days, choose a delivery message, and use different exploitation modules to execute code.
There is no assignment for this lesson.