In the seven-step Cyber Kill Chain, which is the second step?

Weaponization is the phase where the attacker takes gathered information and turns it into a usable attack by pairing a payload with a delivery method. After reconnaissance, the attacker identifies vulnerabilities and creates a weaponized package—the actual malware or exploit combined with a delivery vector—so it’s ready to be sent to the target. This preparation step sits between learning about the target and actually sending the payload, because you don’t deliver something inert; you deliver something already armed to exploit a vulnerability and establish a foothold. Delivery comes next, as the weaponized package is transmitted to the target. Exploitation follows when the delivered code runs and exploits the vulnerability. Installation then happens as the malware establishes a presence on the system.