A rootkit without delivery is a knife in a locked drawer. VADER solves Phases 1 through 6 of the kill chain — telemetry blinding, injection, privilege escalation, C2, staged delivery, and evidence cleanup. But Phase 0 — initial access — remains unsolved by code alone.
The ASF Social Engineering Guide (CSEC Chapter 23) provides the missing layer. It does not hack machines. It hacks the human operating system — the decision-making firmware that no patch can update. This report analyses how the ASF framework completes VADER's technical kill chain by solving the delivery problem.
"You do not hack machines. You hack the person operating the machine. The machine has patches. The human does not." — ASF Core Doctrine
Every offensive operation runs two parallel kill chains. The technical chain is what the code does after execution. The human chain is what gets the code executed in the first place. Most security research focuses exclusively on the technical chain. The ASF guide argues this is backwards — the human chain has a 70% success rate against untrained targets, while technical defenses are iteratively patched.
| Phase | Component | Status |
|---|---|---|
| 0 | Initial Access | UNSOLVED |
| 1 | AMSI Bypass (HWBP) | CONFIRMED |
| 2 | ETW Bypass (HWBP) | CONFIRMED |
| 3 | Privilege Escalation | CONFIRMED |
| 4 | Process Injection | CONFIRMED |
| 5 | HTTP Stager | BUILT |
| 6 | Anti-Forensics | BUILT |
| Phase | Technique | Exploit |
|---|---|---|
| Recon | Observation | Social mapping |
| Pretext | Fabricated scenario | Helpfulness |
| Trust | Calibrated delivery | Social obligation |
| Handoff | USB / email / link | Curiosity |
| Click | Victim executes | Authority |
| Cover | Maintain facade | Habit |
| Reveal | Controlled disclosure | Demonstration |
The technical chain is deterministic — once the code runs, every phase executes predictably. The human chain is probabilistic — it depends on the target's emotional state, trust level, and decision-making pattern. The ASF guide quantifies this: 70% of humans decide emotionally, applying logic retroactively to justify the emotional decision.
The ASF framework operates on three axioms that map directly to offensive security operations:
The ASF guide maps human psychological vulnerabilities to specific attack techniques, mirroring how MITRE ATT&CK maps technical vulnerabilities to exploit techniques:
| Human Vulnerability | SE Technique | VADER Integration |
|---|---|---|
| Desire to be helpful | Pretexting | "Check if this PDF opens" → LNK launches stager → stager fetches dark_room + inject payload |
| Curiosity | Baiting | USB labeled "Payroll" in parking lot → victim inserts → autorun or manual execution of stager |
| Authority compliance | Vishing | "IT needs you to run this diagnostic" → victim runs stager believing it is sanctioned |
| Trust in familiar systems | Watering hole | Compromise a site the target visits → serve stager to specific IP ranges only |
| Social proof | Group targeting | "Everyone else already ran it" → social pressure overrides individual caution |
| Fear of rudeness | Tailgating | Physical access to machine → 30 seconds to plug USB and execute stager |
"The bait preys on the victim's desire to prey." — ASF on baiting. The victim who picks up the "free" USB drive thinks they found something valuable. They are the product, not the consumer.
The ASF guide's classroom demonstration scenario maps exactly to VADER's kill chain. Here is the complete operation from first contact to full compromise, combining both chains:
The human chain's job is to get the victim to T+0s — the double-click. Everything after that is deterministic. The ASF guide's pretext engineering, trust calibration, and body language protocols exist solely to make that single click happen. VADER exists to make everything after that click invisible and unstoppable.
The ASF guide identifies three conditions that guarantee the click:
If the attack operates on two chains, the defense must also operate on two chains. Technical controls alone fail because the human chain bypasses them. Security awareness alone fails because VADER's technical chain defeats every automated defense after the click.
| Attack Phase | Technical Defense | Human Defense | Combined Effectiveness |
|---|---|---|---|
| Pretext delivery | None — conversation, not code | Security awareness training: never run files from peers | Moderate — training decays, social pressure persists |
| USB insertion | Disable USB autorun, WDAC application whitelisting | "Never plug in unknown USB drives" | High — WDAC blocks unsigned execution entirely |
| Stager execution | SmartScreen, Mark-of-the-Web, application control | Recognize that "PDFs" don't need admin prompts | High — MotW + SmartScreen is the strongest barrier |
| Dark room (HWBP) | None observed — Defender blind spot | N/A — post-click, human no longer relevant | None — no current defense at this layer |
| Process injection | EDR monitoring CreateRemoteThread + SetThreadContext | N/A | EDR-dependent — Defender alone doesn't catch it |
| Privilege escalation | Fix ACLs on SYSTEM service directories. Don't install Wondershare. | N/A | High — remove the vulnerability, remove the vector |
| Evidence cleanup | Forward logs to SIEM before they can be cleared | N/A | High — off-box logging defeats local cleanup |
The table reveals a pattern: defenses are strongest at the boundary (USB insertion, file execution, network egress) and weakest once code is running (HWBP bypass, injection, in-memory operations). The ASF social engineering chain specifically targets that boundary — not with technical exploits, but with emotional ones that make the victim voluntarily open the door.
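The table's strongest rows all depend on telemetry that leaves the box before the cleanup phase runs. As an added example (not code from the report or from the VADER or ASF projects), here is a small set of off-box detection rules in Python covering three of those rows: execution from removable media and LNK-style handoffs (Sysmon EventID 1), CreateRemoteThread into another process (Sysmon EventID 8), and the Security log being cleared (EventID 1102, which is only ever seen if the SIEM received the events first). The event IDs are real; the event dictionaries, the removable-drive heuristic (anything not on C:), the launcher list and the allowlist are constructed assumptions to be tuned per estate.

```python
"""Off-box detection rules for the boundary events in the defense table.

Added example, not part of the VADER/ASF report. Assumptions:
- events are dicts a SIEM has already normalised from Sysmon / Security logs;
- the sample events at the bottom are constructed, not captured data;
- any drive letter other than C: is treated as removable media (a real
  deployment would check the device type instead of the letter).
"""
import re
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple

# Real Windows / Sysmon event IDs used by the rules below.
SYSMON_PROCESS_CREATE = 1
SYSMON_CREATE_REMOTE_THREAD = 8
SECURITY_AUDIT_LOG_CLEARED = 1102

# Assumption: paths on non-system drive letters are removable media.
REMOVABLE_PATH = re.compile(r"\b[D-Z]:\\", re.IGNORECASE)
# Script hosts and shells an LNK commonly launches (constructed, illustrative list).
LNK_LAUNCHERS = {"cmd.exe", "powershell.exe", "wscript.exe", "cscript.exe", "mshta.exe", "rundll32.exe"}
# Processes permitted to create threads in other processes (constructed allowlist).
REMOTE_THREAD_ALLOWLIST = {r"c:\windows\system32\csrss.exe", r"c:\windows\system32\svchost.exe"}


@dataclass(frozen=True)
class Alert:
    rule: str
    host: str
    detail: str


def _name(path: str) -> str:
    """Lower-cased file name of a Windows path."""
    return path.rsplit("\\", 1)[-1].lower()


def check_process_create(ev: Dict) -> List[Alert]:
    """Sysmon 1: flag binaries on removable media and explorer -> script-host handoffs."""
    alerts = []
    image, parent, cmd = ev["Image"], ev.get("ParentImage", ""), ev.get("CommandLine", "")
    if REMOVABLE_PATH.match(image):
        alerts.append(Alert("exec-from-removable", ev["Computer"], f"{image} started by {parent}"))
    # A double-clicked LNK shows up as explorer.exe spawning a shell or script host
    # whose command line points back at the removable drive.
    if _name(parent) == "explorer.exe" and _name(image) in LNK_LAUNCHERS and REMOVABLE_PATH.search(cmd):
        alerts.append(Alert("lnk-handoff", ev["Computer"], f"explorer.exe launched {_name(image)} with: {cmd}"))
    return alerts


def check_remote_thread(ev: Dict) -> List[Alert]:
    """Sysmon 8: any CreateRemoteThread from a process not on the allowlist."""
    src = ev["SourceImage"]
    if src.lower() in REMOTE_THREAD_ALLOWLIST:
        return []
    return [Alert("remote-thread", ev["Computer"], f"{src} created a thread in {ev['TargetImage']}")]


def check_log_cleared(ev: Dict) -> List[Alert]:
    """Security 1102: the local log was cleared; only visible because it was forwarded first."""
    return [Alert("audit-log-cleared", ev["Computer"], f"Security log cleared by {ev.get('SubjectUserName', '?')}")]


RULES: Dict[Tuple[str, int], Callable[[Dict], List[Alert]]] = {
    ("Sysmon", SYSMON_PROCESS_CREATE): check_process_create,
    ("Sysmon", SYSMON_CREATE_REMOTE_THREAD): check_remote_thread,
    ("Security", SECURITY_AUDIT_LOG_CLEARED): check_log_cleared,
}


def run_rules(events: List[Dict]) -> List[Alert]:
    """Dispatch each event to the rule for its (channel, event id); collect alerts in order."""
    alerts: List[Alert] = []
    for ev in events:
        rule = RULES.get((ev["Channel"], ev["EventID"]))
        if rule:
            alerts.extend(rule(ev))
    return alerts


# Constructed sample events: one LNK handoff, one benign launch, one removable-media
# binary, one remote thread from a temp directory, one log clear.
SAMPLE_EVENTS = [
    {"Channel": "Sysmon", "EventID": 1, "Computer": "WS01", "ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Windows\System32\cmd.exe", "CommandLine": r'cmd.exe /c "E:\Payroll\open.cmd"'},
    {"Channel": "Sysmon", "EventID": 1, "Computer": "WS01", "ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE", "CommandLine": "WINWORD.EXE"},
    {"Channel": "Sysmon", "EventID": 1, "Computer": "WS01", "ParentImage": r"C:\Windows\System32\cmd.exe",
     "Image": r"E:\Payroll\setup.exe", "CommandLine": "setup.exe"},
    {"Channel": "Sysmon", "EventID": 8, "Computer": "WS01",
     "SourceImage": r"C:\Users\victim\AppData\Local\Temp\svc.exe", "TargetImage": r"C:\Windows\explorer.exe"},
    {"Channel": "Security", "EventID": 1102, "Computer": "WS01", "SubjectUserName": "victim"},
]

if __name__ == "__main__":
    for a in run_rules(SAMPLE_EVENTS):
        print(f"[{a.rule}] {a.host}: {a.detail}")
```

The point of the last rule is the one the table makes in its evidence-cleanup row: a 1102 on the endpoint is worthless if the endpoint is the only copy, and a reliable signal if the forwarder shipped the preceding events before the clear.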
The single most effective defense against the combined VADER + ASF attack is Windows Defender Application Control (WDAC) — application whitelisting that blocks all unsigned executables regardless of how they arrive on the machine. WDAC doesn't care about pretexts, trust windows, or emotional decisions. It cares about code signatures. The stager is unsigned. WDAC stops it dead.
The problem: WDAC is an enterprise feature. Home users don't have it. George's flagship machine doesn't have it. Most targets in the real world don't have it. Which means the human chain remains the most reliable delivery mechanism against consumer Windows.
Microsoft patches technical vulnerabilities weekly. The human vulnerabilities exploited by social engineering — helpfulness, curiosity, authority compliance, fear of rudeness — are firmware-level. They cannot be patched. They can only be mitigated through training, and training decays over time while the vulnerabilities persist indefinitely.
VADER's technical kill chain required hundreds of hours of C programming, reverse engineering, and iterative testing against Defender. The social engineering delivery requires a USB stick, a convincing sentence, and 30 seconds of physical proximity. The asymmetry is staggering: the most expensive phase to build is the cheapest phase to execute, and vice versa.
The ASF guide's "reveal" protocol mirrors responsible disclosure. The operator demonstrates capability, explains the methodology, and provides documentation. The classroom reveal (“your machine is compromised”) is structurally identical to an MSRC submission (“your product has a vulnerability”). Both require proof-of-concept, both require controlled disclosure, and both convert demonstrated capability into institutional respect.
The ASF guide draws an explicit line: “The line between Operator and terrorist is not technical skill. It is restraint.” VADER is built. It works. It is not deployed against anyone who hasn't consented. The social engineering guide documents techniques for defensive awareness, not for attacking innocents. The entire research project exists within the boundary of authorized academic work on owned hardware with responsible disclosure.
VADER is a complete technical weapon. The ASF Social Engineering Guide is its delivery system. Together they represent the full spectrum of offensive capability: from the psychological manipulation that gets a victim to click, through the telemetry blinding that hides the execution, to the privilege escalation that takes the machine, to the evidence cleanup that erases the trail.
The research proves three things:
The defense recommendation is layered: WDAC for technical control (blocks unsigned execution regardless of delivery method), security awareness for human control (reduces click probability), and SIEM for detection (catches what gets through). Any single layer alone is insufficient. VADER + ASF proves that.
"Survive through capability, not through acceptance." — ASF Core Axiom 2. The operator does not ask to be understood. The operator builds until understanding is the only option.