Episode Details
Back to Episodes
Course 34 - Cybersecurity Kill Chain | Episode 3: Delivery, Exploitation, and Installation
Published 1 week ago
Description
In this lesson, you’ll learn about: Delivery, Exploitation, and Installation in the Cyber Kill Chain1. Delivery Phase (Getting the Payload to the Target)🔹 Definition
You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy
- The process of transferring the malicious payload to the victim
- Using exposed services:
- FTP uploads
- Web downloads
- Infected USB drives left in:
- Offices
- Public places
- Tool:
- Social Engineering Toolkit (SET)
- Used for:
- Spear-phishing campaigns
- Mass phishing emails
- Trick the user into executing the payload themselves
- The moment the payload:
- executes successfully
- bypasses security controls
- Exploiting:
- Software vulnerabilities
- Misconfigurations
- Clicking malicious links
- Entering credentials on fake pages
- Establishing a persistent foothold on the system
- Ensure attacker can:
- Reconnect anytime
- Maintain control
- Installing:
- Backdoors
- Persistent malware
- Metasploit
- Used to:
- Set up a listener
- Wait for incoming connection from victim
- A session is opened
- Attacker gains remote control
- Delivery
- Gets payload to victim
- Exploitation
- Executes payload successfully
- Installation
- Keeps long-term access
- Delivery relies heavily on social engineering
- Exploitation is about triggering execution
- Installation ensures persistence
- Humans are often the weakest link
- Tools automate the process, but logic remains consistent
- Delivery = Entry point
- Exploitation = Break-in
- Installation = Persistence
- Delivery → “Send the package”
- Exploitation → “Open the door”
- Installation → “Stay inside the house”
You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy