Initial Access Vectors

Every door into a target network — with the actual commands. External recon, password spraying (kerbrute/nxc/o365spray), device-code phishing (MFA bypass), legacy-auth abuse, VPN/Exchange exploit, web-shell deployment, supply-chain poisoning, watering hole, trusted relationship. Detection EventIDs and defence configs per vector. For authorised engagements only.