🔗 Phase 1: Reconnaissance
Collect target data:
- LinkedIn (employees)
- GitHub (leaked secrets)
- Exposed public files (.env, configs)
- Tools: Shodan, Google Dorks
🔧 Phase 2: Preparation
- Build payload
- Craft phishing email
- Identify weak points
🎯 Phase 3: Initial Access
Methods:
- Phishing
- Exploits
- Weak passwords
🕵️ Phase 4: Persistence
Stay inside the system:
- Backdoors
- Scheduled tasks
- Hidden scripts
🔁 Phase 5: Lateral Movement
Move across the network:
- Credential reuse
- Pass-the-hash
- Internal scanning
📦 Phase 6: Data Exfiltration
- Slow extraction
- Encrypted traffic
- Avoid detection
🛡️ Defense Strategy
| Stage | Defense |
|---|---|
| Recon | Limit public exposure |
| Access | MFA |
| Exploit | Patch systems |
| Movement | Network segmentation |
| Exfiltration | Monitor outbound traffic |
🎯 Key takeaway
👉 Hackers think in steps
👉 You must defend every step