Social Engineering vs Pentesting
I was wondering what was the right path to take for someone who intends to compromise a person's computer ?
It seems to me "pentesting" (I don't know what else I can call it) is pretty tricky to perform in real life against a PC since it would be hard to get someone's ip, and even then, we have to pray they won't reboot their modem.
SE seems the logical choice, but with these AVs and IDS, no malicious file can execute without being spotted, and encryption doesn't help at all ! The only thing left is to create a unique malware from scratch.
So before involving further in either area, what do you think I should chosoe ?