During which stage of the cyber kill chain does the attacker gain unauthorized access to the system?

The exploitation stage of the cyber kill chain is where attackers actively take advantage of vulnerabilities to gain unauthorized access to the target system. During this phase, the attacker executes a payload or uses some form of attack, such as exploiting a software vulnerability, executing malicious code, or leveraging credentials obtained through prior reconnaissance.

The exploitation typically follows the delivery stage, where the attacker has sent the malicious payload to the target. Once the exploit is successful, the attacker can achieve unauthorized access to the system, setting the stage for further actions, such as installation of malware or manipulation of data. Understanding this stage is crucial because mitigating vulnerabilities during this phase can significantly reduce the risk of compromise and further exploitation by attackers.