pentest-exploit-chainlisted

Multi-step exploit chain analysis — linking low/medium severity findings into a critical chain, stealth+impact scoring advisory. Triggers on exploit chain, attack chain, chain analysis, multi-step attack, kill chain, attack path, stealth scoring, impact analysis.
fatihkan/badi · ★ 5 · AI & Automation · score 76

Install: claude install-skill fatihkan/badi

# pentest-exploit-chain Chaining individual low-to-medium severity findings into a **full compromise chain**. The highest value-add of engagement intelligence — human analysis only. ## Triggers - "can these findings be chained" - "draw the kill chain" - "low + medium = critical" - "attack path simulation" - "stealth + impact score" ## Lockheed Cyber Kill Chain (7 step) ``` 1. Reconnaissance — OSINT, port scan 2. Weaponization — exploit + payload combine 3. Delivery — phishing, drive-by, USB 4. Exploitation — vulnerability trigger 5. Installation — persistent foothold 6. Command & Control — beacon 7. Actions on Objectives — data exfil, destruction, ransom ``` ## MITRE ATT&CK Tactic Chain ``` TA0043 Reconnaissance -> TA0001 Initial Access -> TA0002 Execution -> TA0003 Persistence -> TA0004 Privilege Escalation -> TA0005 Defense Evasion -> TA0006 Credential Access -> TA0007 Discovery -> TA0008 Lateral Movement -> TA0009 Collection -> TA0011 Command and Control -> TA0010 Exfiltration -> TA0040 Impact ``` ## Chain Analysis Methodology ``` 1. List all findings (low + medium + high) 2. For each finding: input requirement, output privilege/access 3. Match: output of finding A, input of finding B 4. Draw the path of steps (DAG) 5. Shortest path -> max impact 6. A stealth score (1