They start to search for selected vulnerabilities throughout the organization network which they are able to exploit such as applications, goal networks, etc., and start indicating/mapping out the places exactly where they can make the most. Once they productively detect which defenses are set up, they pick out which weapon https://ieeexplore.ieee.org/document/9941250