• Cyber kill chain
- Reconnaissance
- Weaponization
- Delivery
- Exploitation
- Installation
- Command and Control (C2)
- Actions and objectives
• Diamond Model of Intrusion
Analysis - Adversary
- Victim
- Infrastructure
- Capability
• MITRE ATT&CK
• Open Source Security Testing
Methodology Manual (OSS TMM)
• OWASP Testing Guide