Tactics & Techniques

Resource Development

Initial Access

Exploit Public-Facing Application
Supply Chain Compromise
- Supply Chain Compromise: Compromise Software Dependencies and Development Tools
- Supply Chain Compromise: Compromise Software Supply Chain
Phishing
- Phishing: Spearphishing Attachment

Command And Control

Collection

Persistence

Credential Access

CISA-AA22-216A
- OS Credential Dumping: DCSync
Unsecured Credentials
- Unsecured Credentials: Private Keys
- Unsecured Credentials: Group Policy Preferences
Credentials from Password Stores
- Credentials from Password Stores
Steal or Forge Kerberos Tickets
- Steal or Forge Kerberos Tickets: Kerberoasting
- Steal or Forge Kerberos Tickets: AS-REP Roasting

Privilege Escalation

Lateral Movement

Execution

Exfiltration

Impact

About PreludePrelude hardens an organization's defenses by continuously “asking” it questions through the form of safe cyberattacks. These attacks respond immediately to the latest vulnerabilities and cyber events, turning complex technical descriptions into deployable “questions”.Our mission is to increase the reach, frequency and usage of advanced security for all organizations.

Follow @preludeorg on Twitter for new chains and more.

Join the Prelude Discord to discuss chains and more.

Keep up to date with code changes and community activity on Github

preludesecurity.com Careers Tactics & Techniques Attack themes

Privacy Policy support@preludesecurity.com© 2023 Prelude Research, Inc.All rights reserved. Prelude, its logo and other trademarks are trademarks of Prelude Research, Inc. and may not be used without permission.