Snapping us some dark matter
Making attack trees from security research to help us organise our thoughts. Another work in progress.
Pentesting is not a linear process; it is more like a spontaneous choreography, a sequence of movements chosen as the dance unfolds. It is also highly context- and purpose-dependent.
Attack trees (based on security research) represent often-used movements and can help organise our thoughts around which tools and scripts may be reusable for which type of pentesting and/or audit (and which mitigations we may need for our own development efforts).
Do not implement and execute these on a network or system you do not own. Execute only on your own systems for learning purposes. Do not execute these on any production network or system, unless "Rules of engagement" have been agreed on, and you have a "Get out of jail free" card of some sort.
The categorisation below is somewhat arbitrary. Some trees have more detail, some lack detail because we haven't tried them yet, and some are mere paragraphs written with the intent to make the tree later.
- System hacking
- Network attacks
  - Compromise router
  - ARP spoofing
  - Port redirection
  - Replay attack
  - IP spoofing
  - Hijack session (network)
  - Man-in-the-Middle (MitM)
  - Attack domestic WiFi
  - TCP sequence prediction attack
  - Hijack BGP
  - Denial of Service (DoS)
  - Distributed Denial of Service (DDoS)
  - Distributed Deflection Denial of Service (DrDoS)
- Application hacking
- Web hacking
- Crypto attacks
- Social engineering
Problems or Suggestions
This project welcomes contributions and suggestions.