In this section, we're going to learn about client-side attacks. Often, it's better to try to gain access to a target using server-side attacks, such as trying to find exploits in the operating system and in the applications installed. If that doesn't work, or if our target is hidden behind an IP or is using a hidden network, our next resort is a client-side attack. Client-side attacks require the user to do something, such as open a link, install an update, or download an image that will then run code on their machine. Because these attacks require user interaction, information gathering is very important—information about an individual's applications and who they are as a person. For a client-side attack to be successful, ...