Once you have gained access to a target system and obtained sufficient privileges, it is time to compromise the system and carry out the attack. Which applications are executed at this point is up to the attacker, but they can either be custom-build applications or off-the-shelf software or tools. When an attacker has successfully logged on to a system and escalated privileges he is said to own the system.

An attacker executes different types of applications on a target system with specific goals in mind.

Backdoors
Applications of this type are designed to compromise the system in such a way as to allow later access to take place without having to re-compromise the system and elevate privileges again. An attacker can then use the backdoor at will to regain access of the compromised system. Backdoors can come in the form of rootkits, trojans, and similar types including home made tools. They can even include software in the form of Remote Access Trojans/Tools (RATs).

Crackers
Any software that fits into this category is characterized by the ability to crack codes or obtain passwords.

Keyloggers
Keyloggers are hardware devices or software used to gain information entered via the keyboard. Software keyloggers can be installed an executed remotely and hardware keyloggers require physical access to install but are less intrusive.

Malware
This is any type of software designed to capture information, alter, or compromise the target system.