Common Methods of Exploitation
- Buffer overflows
- SQL injection
- Zero-day exploits
How to Defend Against Exploitation
- Patch management
- Application whitelisting
- Least-privilege access controls
- Network segmentation while installing programs
Exploitation is the moment the weapon fires, the attacker's code takes advantage of a vulnerability and begins executing inside the target environment. Targets include software flaws like buffer overflows and SQL injection, hardware-level vulnerabilities such as Spectre and Meltdown, and human weaknesses exploited through social engineering. Zero-day exploits, targeting vulnerabilities unknown to the vendor, provide a significant asymmetric advantage. Defenders reduce risk through rigorous patch management, application whitelisting, least-privilege access controls, and network segmentation that limits the blast radius even when exploitation succeeds.