Penetration Testing mailing list archives
Re: Social Engineering ... ?
From: ctg <plumme () gmail com>
Date: Tue, 23 Nov 2004 17:17:53 +0000
Hello Mr. Bones, Best resource what can you get for the social engineering is the PR/Sales related people, because it's down to their line of work. What you need to learn from social engineering is that people are rather stupid and you need to find a way to get what you need by manipulating the people. In the simple terms the social engineering aiming point in the penetration test is to gather as much of the information by using 'sweet talk' etc methods. You must understand that in the attacker point of view is to get know how easy those people are, if you understand what I mean. There is no good better practice then trying to do social engineering. Just be adventurous and make some practical jokes with the people, by using 'sweet talk', 'bribe' etc. When you get it, you can use those same skills to pen. test your client. Just think about how the people make frauds. - ctg. -
Current thread:
- Social Engineering ... ? Bones (Nov 22)
- RE: Social Engineering ... ? Rob Shein (Nov 23)
- Re: Social Engineering ... ? richardw (Nov 24)
- Re: Social Engineering ... ? Jay D. Dyson (Nov 23)
- RE: Social Engineering ... ? dave kleiman (Nov 24)
- Re: Social Engineering ... ? ctg (Nov 24)
- RE: [in] Social Engineering ... ? Curt Purdy (Nov 24)
- <Possible follow-ups>
- Re: Social Engineering ... ? Marco Ivaldi (Nov 23)
- Re: Social Engineering ... ? David Hodges (Nov 23)
- RE: Social Engineering ... ? mthompson (Nov 25)
- RE: Social Engineering ... ? Keith T. Morgan (Nov 26)
- Re: Social Engineering ... ? webmaster (Nov 27)
- RE: Social Engineering ... ? Rob Shein (Nov 23)