The Exploitation Stage is when we successfully execute the exploit we planned during the reconnaissance stage, which was prepared and delivered on the delivery stage.
We usually merely gain initial access as the result of a successful exploit. As a result, further work to establish persistence is required, but that’s later in the kill chain.
The exploitation phase can be done remotely, in person, or as a result of a victim falling for a malicious link or attachment.
Utilizing a flaw like Log4j would be an example of the exploitation phase.