Exploitation

In the exploitation phase, we use vulnerabilities found and CVEs associated with the target to gain unauthorized access or control. It involves access to sensitive data or executing malicious code.

Exploitation can also let the possibility of jumping to another machine in the same network via pivoting or even jumping to another network.

To be cautious, some security measures that can be applied to avoid any attempt of exploitation or privilege escalation are:

• Account permission management

• Strong password policies

• Implementation of database security

• Well-development practices

• Cybersecurity awareness training