In this chapter, we will identify the methods we use to attack clients. Unlike our servers, the client does not provide services; therefore, it is not a simple task to attack the client directly. Instead, we will use techniques to get the client to come to us.
This chapter will provide us with information about the ways we can target clients. We will explore the different methods of attacking a client. We will also explore how this is currently the main attack vector that we will present after the testing we do today. We have the advantage of knowing that the client is going to click on a link or a file in most cases; there are a number of methods for doing this. We have e-mail phishing/spearfishing, and the rise of social media allows another vector, as does the SMS with mobile devices. It is this action that will provide us with the vector to attack the client.
In this chapter, we will discuss the following topics:
Client-side attack methods...