Which phase immediately follows the exploitation of a vulnerability?

Following the exploitation of a vulnerability, the phase that immediately comes next is the installation of a malicious payload or software on the targeted system. This phase is critical because once an attacker has successfully exploited a vulnerability, they typically seek to establish a foothold within the system to ensure continued access. This is commonly achieved by installing malware or backdoors that facilitate ongoing control over the compromised system.

The installation of such malicious tools enables the attacker to manipulate the system and maintain persistence, allowing them to return later even if the initial exploit has been addressed or patched. This step is essential to the attacker's long-term goals, whether they involve data theft, surveillance, or additional attacks on the network or connected systems.

In contrast, weaponization involves creating or preparing the exploit payload before delivery to the target, while maintaining access occurs after the installation phase by ensuring that the attacker can continue to control the compromised system over time. Delivery is the process of transferring the exploit or payload to the target, which precedes the exploitation and installation phases.