# Execution

## Theory

Execution consists of techniques that result in adversary-controlled code running on a local or remote system. Techniques that run malicious code are often paired with techniques from all other tactics to achieve broader goals, like exploring a network or stealing data. For example, an adversary might use a remote access tool to run a PowerShell script that does Remote System Discovery.

![](https://329872044-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FMdUKdzuqIuObdvCB3mUR%2Fuploads%2Fgit-blob-bda1ffcd243c69128b511e9bd33386ccd094cbff%2Fkillchain-trough.png?alt=media)

## Resources

{% embed url="<https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html>" %}

{% embed url="<https://www.unifiedkillchain.com/>" %}

{% embed url="<https://www.ired.team/>" %}

{% embed url="<https://tryhackme.com/room/weaponization>" %}

{% embed url="<https://github.com/infosecn1nja/Red-Teaming-Toolkit#Initial-Access>" %}