Skills & Training: Low - High
Resources: Low - Medium, though can be funded
Risk Appetite: Low - Medium
Description: Studious, intelligent, determined. Can be good or grey. Often research one technology deeply or scale an issue for metrics/coverage. Researchers can also be targets of other adversaries. Work alone or in teams.
- Financial gain (0day sales), reputation (CVEs, blogs, tools)
- Organizations, platforms, software, hardware, systems, internet as a whole
- Public recon (OSINT, open source static analysis)
- Scanning (fuzzing, DAST scanner, manually familiarizing with target app with Burp or Zap proxy)
- Custom exploits, fine-tuning or scaling scanners
- Zero-day exploits
- Dedicated study of target environment (technologies, employees, attack surface)
- Participate in bug bounty for privileged access but sell research on the side
- Exfiltration
- More scanning and understanding of environment
- Sale of 0day