ECCouncil 312-39 - Certified SOC Analyst (CSA v2)

In the Lockheed Martin Cyber Kill Chain Methodology, the phase where an adversary creates a deliverable maliciouspayload using an exploit and a backdoor is known as the Weaponization phase. This is the second stage of the Cyber Kill Chain, which occurs after the initial Reconnaissance phase. During Weaponization, the attacker prepares a malicious payload that is designed to exploit vulnerabilities in the target system. This payload often includes a backdoor to allow for persistent access to the compromised system.

The Weaponization phase involves the creation of malware tailored to the target’s specific vulnerabilities discovered during Reconnaissance. The attacker uses this malware to create a weaponized deliverable, which can be transmitted to the target during the subsequent Delivery phase of the Cyber Kill Chain.

The attack demonstrated in the scenario is a Cross-site Scripting (XSS) attack. This is evident from the attacker’s action of inserting a