They start to look for particular vulnerabilities within the Corporation community which they might exploit such as programs, target networks, etcetera., and start indicating/mapping out the regions where by they will take advantage. As soon as they productively determine which defenses are set up, they choose which weapon is ideal https://www.researchgate.net/publication/365308473_Development_of_Cyber_Attack_Model_for_Private_Network
