Social
Engineering
(The art of Human Hacking)
This tutorial on SE referred a Good book from Christopher Hadnagy
What is Social Engineering?
Social Engineering (SE) is a blend of science, psychology and art. While it is amazing and complex, it is also very simple.
"Any act that influences a person to take an action that may or may not be in their best interest.”
Overview of Social Engineering defines social engineering and what roles it plays in society today, as well as the different types of social engineering attacks, including other areas of life where social engineering is used in a non-malicious way. I will also discuss how a social engineer can use the social engineering framework in planning an audit or enhancing his own skills.
Information gathering is the foundation of every social engineering audit. The social engineer’s mantra is, “I am only as good as the information I gather.” A
social engineer can possess all the skills in the world, but if he or she doesn’t know about the target, if the social engineer hasn’t outlined every intimate detail, then the chance of failure is more likely to occur. Information gathering is the crux of every social engineering engagement, although people skills and the ability to think on your feet can help you get out of a sticky situation. More often than not, the more information you gather, the better your chances of success.
The questions that I will answer here in this tutorial:
- What sources can a social engineer use?
- What information is useful?
- How can a social engineer collect, gather, and organize this information?
- How technical should a social engineer get?
- How much information is enough?
No comments:
Post a Comment