Friday, June 29, 2012

The Official Social Engineering Framework - Social Engineering Framework

Social Engineering Framework

by Sales People, social-engineer.org
October 1st 2010 8:47 PM

From Learn to be a true Social Engineer

Welcome to the Social Engineering Framework. This is a work in progress, but we feel it will contain and DOES contain some of the hottest, newest and most innovative information on the scene today. We will be developing this framework over time and there will be more to come. For now the Framework is below and the hyper-linked areas are the areas that are done or being worked on. We hope you enjoy this and PLEASE feel free to send us your thoughts, additions or any feedback at all.

- The SE Team
CAUTION: This knowledge is NOT intended to teach you how to trick people, lie to others, or gain valuable items of others. Trying to use this information without the proper practice and without proper professionalism will usually backfire.

PART I: GENERAL DISCUSSION

I. Social Engineering Defined
II. Categories of Social Engineers
A. Hackers
B. Penetration Testers
C. Spies or Espionage
D. Identity Thieves
E. Disgruntled Employees
F. Information Brokers
G. Scam Artists
H. Executive Recruiters
I.
J. Governments
K. Everyday People
III. Why Attackers Might Use Social Engineering
IV. Typical Goals
V. The Attack Cycle
VI. Common Attacks
A. Customer Service
B. Tech Support
C. Delivery Person
D. Phone
VII. Real World Examples
A. Con Men
B. Phishing
C. Politicians
D. Crime Victims

PART II: INFORMATION GATHERING

I. How to Gather Information
A. Research
B. Dumpster Diving
II. Sources
A. Traditional
B. Non-Traditional
III. Communication Models

PART III: ELICITATION

I. Definition
II. Goals
III. Preloading
IV. Becoming a Successful Elicitor

PART IV: PRETEXTING

I. Definition
II. Principles and Planning
III. Successful Pretexting

PART V: PSYCHOLOGICAL PRINCIPLES

I. Modes of Thinking
II. Eye Cues
III. Micro-Expressions
IV. Neuro-Linguistic Programming (NLP)
A. Voice in NLP
V. The Human Buffer Overflow
VI. Interview and Interrogation
VII. Instant Rapport

PART VI: INFLUENCING OTHERS

I. Influence Tactics
A. Reciprocation
1. Obligation
2. Concession
B. Scarcity
C. Authority
D. Commitment and Consistency
E. Liking
F. Consensus or Social Proof
II. Framing
III. Manipulation of Incentives

PART VII: SOCIAL ENGINEERING TOOLS

I. Physical
A. Lock Picking and Shims
B. Cameras
C. GPS Tracker
D. Pen Recorder
E. RF Bug Kits
II. Computer Based
A. Maltego
B. Maltego Mesh
C. Social Engineer Toolkit (SET)
D. Common User Passwords Profiler (CUPP)
E. Who's Your Daddy Password Profiler (WYD)
III. Phone
A. Caller ID Spoofing

PART VIII: SOCIAL ENGINEERING EXTRAS AND RESOURCES

I. Social-Engineer.org In The Media
II. Fox News: Chris Hadnagy
III. Social Engineering Books
IV. Social Engineering Media Archives

Original Page: http://www.social-engineer.org/framework/Social_Engineering_Framework

Shared from Read It Later

 אל

No comments:

Post a Comment