Chapter 7: Client-Side Exploitation

We covered coding and performed penetration tests in numerous environments in the earlier chapters; we are now ready to introduce client-side exploitation. Throughout this chapter and in a couple more chapters, we will learn about client-side exploitation in detail. However, before we proceed further, we need to understand why we need client-side exploitation. During a penetration test or, more specifically, a red team assessment, it is likely that we might not find critical or high-risk vulnerabilities that allow us to establish a foothold inside the network. In such a scenario, targeting users who are behind a firewall or Network Address Translation (NAT) becomes relevant, as there is no easy or straightforward ...