Drive-by downloads, water-holing, spyware, trojans and botnets. Unfortunately, this experience is usually from the victim’s perspective, rather than the attacker’s. Client-based attacks are so common that they’re almost a cliche, but with advanced security software and forensics techniques, they can be tricky to perform. This lesson will give you a clear understanding of how a user’s computer can be attacked directly. When this lesson has been completed and practiced thoroughly you will be able to compromise a user's system by attacking faulty software and plugins with malware - making you a more well rounded and effective penetration tester.