Phases describe the distinct stages that a business logic attack may progress through. The specific phases employed by an adversary during an attack and the order in which the attack progresses through them depend on the adversary's goal.

Name Description
Resource Development Ahead of the actual attack, the adversary establishes resources to aid their operations against the primary targeted victim.
Reconnaissance The adversary identifies the target and/or ascertains strategic information to inform the latter stages of the attack.
Defence Bypass The adversary attempts to bypass defence measures.
Attack Execution The adversary launches their attack against their target.
Actions on the Objective The adversary performs the intended activity on their target.
Post-Attack The adversary completes their attack by receiving or reselling the products, services or information they acquired during their attack.