- Infiltration and Persistence
- Initial Foothold
- 1) credentials
- 2) malware
- 3) phishing
- Reconnaissance
- situational assessment
- Lateral Movement
- via credential misuse
- gathering credentials
- Mission Target
- critical assets
- high value data stores
- exfiltration
- methods
- destinations
- Maintain Presence
- hiding
- backdoors