EP017

The social Engineering episode- Let’s Social Engineer Max a Better Microphone.

Music provided by: Denis Kreynin https://soundcloud.com/denis-kreynin

 

Follow up: Risky.biz podcast RSA guy says SHA-1 is broken.

 

Social engineering is a mix of psychology and the hacker mindset of finding and exploiting vulnerabilities.

Like any tool, can be used for bad or good

 

Research, research, and more research

Pre-texting

Framing

Preloading

Mirroring and obligation

Elicitation is putting the above together to get people to do what you want, whether in their interest or not

making deliberately false statements

 

The most important person is “me”

 

Microexpression

Lack of conjunction

Process

 

Tyler Durden’s school of social engineering assignment:

Ask open ended questions and listen to answers without injecting opinion. Ask a follow up question based on what you heard. Respond with a scenario or experience you think is similar questioning it’s relevance. show interest and continue the routine as long as you can. offer a foible of your own (real or fake) and see what they offer in return. keep track of all the information they provide you and feed some back to keep them going.

 

Leave a Comment