The word "weaponisation" is used differently depending on context. In this room, it means turning a confirmed vulnerability into a demonstrated business impact by showing what an attacker could realistically achieve, not just that a flaw exists. You will encounter a different use of the term in the Cyber Kill Chain room, where weaponisation refers to the creation of a deliverable payload, such as a backdoor in a document. Both definitions are valid. However, this room focuses on the consultant's use of the term to mean proving that a technical flaw translates into real-world risk.
Exploitation and weaponisation bridge the gap between vulnerability discovery and risk communication, transforming technical findings into defensible, real-world security issues. The two phases differ in purpose and approach as follows:
- Exploitation: After identifying vulnerabilities, the tester interacts with them in a controlled manner to confirm they can be abused under real-world conditions, using minimal and safe techniques to demonstrate impact without causing unnecessary disruption
- Weaponisation: With confirmed exploits in hand, the tester aligns findings with attacker goals and business impact by chaining issues, abusing application logic, or leveraging trust relationships to demonstrate realistic attack outcomes that stakeholders can understand and act upon
Learning Objectives
- Approach a confirmed vulnerability with a clear, methodical process before attempting exploitation
- Apply controlled exploitation techniques that prove impact without causing unnecessary harm
- Weaponise findings in the context of real business risk rather than pure technical access
- Chain multiple vulnerabilities together to demonstrate a realistic attack path
- Use common penetration testing tools responsibly and interpret their output accurately
Prerequisites
To get the most out of this room, we recommend finishing the Cyber Security 101 path before proceeding.