How-Tos | Social-Engineer.Org

Search for:

Mastermind Group
Professional Training
The Art of Human Hacking
Recent Posts
Archives
Our Favorite Posts

How to Bluff Like a Pro in Vegas Power of Non Sexual Touch Microexpressions: A Key To Understanding Human Behavior

Archive for the ‘How-Tos’ Category

The Beat of Social Media Engineering

Monday, February 25th, 2013

Secarma recently discovered article about an API tool called “The Beat” from Rutgers University seemed to be one of the more interesting uses of social media information. The Beat links geo information embedded within Instagram images to Google Streetview. This is then made searchable using tags from Instagram. APIs and information gathering was covered in the Social Engineer Podcast 039.

On the surface, it seems to be a fantastic tool. A user can search tags for a concert that they attended and find other people who were also there and take a look at their pictures – as the Social Engineer Podcast doesn’t really focus on “how to find girls for free,” this could be one further use of “The Beat!”

However, as we discussed the security implications of this tool in the offices here at the office, we decided to search for more unusual items. It was when we identified that, searching more generic terms, we uncovered the darker side to the API.

(more…)

Posted in How-Tos | No Comments »

A Good Lesson on Reading Nonverbals with David Kennedy

Tuesday, February 19th, 2013

David Kennedy from Trusted Sec had the privilege of going on CNN today to discuss China’s hacking attacks against the US Government and corporations. He did a superb job and really came off intelligent and well spoken.

But we can’t pass up the opportunity to use a piece like this to look deep into human nature and see if the face tells us something else.

(more…)

Posted in How-Tos | No Comments »

Social Engineering for Penetration Testers – Day 5

Friday, April 13th, 2012

As the final day of the historic, ground breaking course, Social Engineering for Penetration Testers, was upon us, the mood in the class was much different. What seemed like the final showdown in Fear Factor to a lot of the students was now looking like a morning jog. We watched with great happiness as the student shared their experiences from the evening before. We were pleased to see every team had accomplished their goals! What an amazing difference four days made! The last four days were a hardcore look at social psychology. After the students received the information and skills necessary to be a professional social engineer, it was time to put that skill to use. Day Five was all about the sexy side of social engineering. (more…)

Posted in How-Tos | No Comments »

Social Engineering For Penetration Testers – Day 4

Monday, April 2nd, 2012

Day Four started with excitement in the air as the students began filing into class, busy exchanging war stories about the night before. It seemed that the lack of confidence that existed in the previous days was slowly melting away. We saw the budding of real social engineers. The students were challenged at the end of Day Three to obtain even more personal and guarded information. If you’ve been following this series of blog posts, I’m sure you can guess how things went. The students did very well and some even seemed to amaze themselves with the information they extracted and ease at which they obtained the data. After a complete and thorough debriefing, it was time to move on to one of our favorite topics, Nonverbal Communication.

(more…)

Posted in How-Tos | No Comments »

6 Preventative Tips against Malicious Social Engineering

Thursday, March 29th, 2012

Recently Chris was invited out to RSA to give a 60 minute speech entitled, “Human Hacking Exposed: 6 Preventative Tips that can save your company”. This session was accompanied by an 18 minute version of this. This TED style speech was recorded and we have a copy for your viewing pleasure.

Human Hacking Exposed: 6 Preventative Tips

It was a great experience to be with the folks out at RSA, a first for the crew at SEORG. We look forward to seeing you all at Defcon and Black Hat. More news on that coming soon.

Enjoy.

Posted in How-Tos | No Comments »