Get an iPad mini, ASUS ZenScreen LED Monitor, or $350 Off with OnDemand Training thru 5/19

Reading Room

Subscribe to SANS Newsletters

Join the SANS Community to receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.

Clients and Endpoints

Featuring 22 Papers as of March 10, 2021

  • Success Rates for Client Side Vulnerabilities by Jonathan Risto - June 14, 2016 

    The user is the weakest link in the computer security chain. From clicking on links that they shouldn to having weak passwords, it generally comes down to the end user doing something they shouldn . If the user runs a piece of malware or opens an infected file, will it always lead to a compromise? This paper plans to test if client-side exploits will always function or if there are additional factors to consider when dealing with these vulnerabilities and associated exploits. Is the Common Vulnerability Scoring System (CVSS) score enough to determine if a particular vulnerability is more critical than another and should be remediated sooner than another? This testing will be accomplished through the use of freely available exploitation software (e.g. Social Engineering Toolkit, Metasploit) in a closed testing environment.

  • View All Clients and Endpoints Papers

Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact

All papers are copyrighted. No re-posting or distribution of papers is permitted. Graduate Student Research - This paper was created by a SANS Technology Institute student as part of the graduate program curriculum.