Home

ExploitKetten

ExploitKetten, also written Exploit-Ketten in German, is a cybersecurity term used to describe sequences of exploits that attackers use to compromise a target system. The concept captures the idea that a successful intrusion often requires multiple linked vulnerabilities or misconfigurations to be exploited in a planned order, rather than a single flaw.

In practice, an ExploitKette refers to a multi-stage attack chain. Typical elements include initial access, execution

The term is common in German security literature and threat reports, and it is sometimes used interchangeably

Defensive responses focus on reducing chain length and probability: timely patching and configuration hardening, network segmentation,

See also: MITRE ATT&CK, exploit kit, kill chain, chain-of-exploitation.

of
code,
persistence
mechanisms,
privilege
escalation,
defense
evasion,
lateral
movement
within
a
network,
and
data
collection
or
exfiltration.
The
specific
chain
varies
by
actor
and
context
and
may
combine
publicly
known
vulnerabilities
with
customized
or
supply-chain
weaknesses.
with
exploit
chain
or
kill
chain,
though
it
emphasizes
the
contingent,
stepwise
nature
of
the
intrusion
rather
than
a
fixed
framework.
Analysts
use
the
concept
to
map
risk
across
an
environment
and
to
identify
where
multiple
controls
must
be
in
place
to
interrupt
the
chain
at
various
points.
strong
authentication,
endpoint
detection
and
response,
anomaly
detection,
and
continuous
monitoring.
Incident
response
planning
often
centers
on
recognizing
patterns
indicative
of
an
ExploitKette
and
rapidly
containing
the
attack
before
data
is
exfiltrated.