This section provides a collection of attacks and kill-chain steps that aid in compromise of organizational assets.
-
Reconnaissance is the act of collecting information to uncover weaknesses or relationships between assets which could be exploited. This is a preliminary step for most attacks and helps an adversary to uncover a successful attack strategy.
-
Information from reconnaissance often needs to be tested to confirm whether a weakness exists. Adversaries need to probe to gather details for their attack. Asset ownership and organizational boundaries can help to surface an attackers tests or help to hide them.