The best target binaries are lightweight and portable; that is, they have few or no dependencies. A program that requires a full installation isn't ideal. We're going to suppose that an employee at our client uses a lightweight piece of freeware for data recovery purposes – in fact, we'll reintroduce the data recovery tool we used in Chapter 6, Advanced Exploitation in Metasploit. During our reconnaissance phase, we established a trust relationship between this employee and another person at the company. We also discovered an open SMTP relay, so we'll be trying a social engineering attack suggesting that the employee download the newer version. We'll send a link that would actually point at our Kali box ...