Some SE tips from me

This topic contains 4 replies, has 4 voices, and was last updated by  Jamie.R 5 years, 11 months ago.

  • Author
    Posts
  • #7765
     Jamie.R 
    Participant

    Hi All,

    I wanted to share some tools and tricks that I use when doing Social Engineering. The best part of Social Engineering is you can practice it anywhere just by talking to people and trying to get information from them.

    Tools in my arsenal:
    Mobile Phone
    Lock Picks
    Business cards
    SET
    Teensy Device
    RFID Card

    The first thing you need is bags of confidence as you are trying to sell yourself, this is where practicing comes into play. I gained a lot of this from working in sales and selling to customers, trying to make them part with cash and buy more stuff. The company I used to work for also showed me how to manipulate people and overcome objections.

    You have to be quick witted too and think fast off your feet. Never try to sell yourself as someone who has certain skills when you don’t. You may be in a situation where you need to think fast to get out of it. For example you get stopped by a security guard. What are you gonna say to him ? Are you just going to give up? What story will be good enough so he lets you go on your way?

    The first tool that you should always have is a mobile phone this is one of the best tools ever in Social Engineering. The good thing about us humans is that we are either really nice people or not confident enough to interrupt someone on the phone, as that would just be so rude. Speaking on the phone whilst walking into a building or hanging outside a RFID door on the phone waiting for a kind soul to hold the door open for us is just so easy. This pretty much works all of the time and it is really effective.

    I tend to carry lock picks with me at all times but I very rarely used them, but the one time I might need them it’s better to have them than not.

    A good business card will sell you like nothing else it’s easy to get cheap business cards printed these days and they are a great way to backup any story you are trying to sell. Another good tip is if you can get a business card for someone who works at the company you are doing the Social Engineering attack against you might be able to go to another location and sell yourself as being that person who works for the company.

    SET Social Engineering toolkit is a great tool that works well with the teensy device. Depending on your scope you can always use this to drop USB around the company and there a good chance that someone will plug it in and run the exploit on the USB.

    If you are doing a Social Engineering attack and you know they use RFID doors you can buy a RDIF card off of Ebay even though it won’t work but when people see it, you can just say your card has been playing up and you need to get it sorted. Most people will see the card and just let you in.

    These are just a few hints and tips when doing Social Engineering.

    Fill free to add tools as you see fit….

  • #48632
     beastmode19888 
    Participant

    Jamie these are all great ways to get SE off the ground. The phone is the number 1 thing that you would always need no matter what but will do you no good if you cant talk lol. SET is what I deal with most of the time. I just did a video on youtube about using SET in Web GUI.

    [glow=red,2,300]http://youtu.be/d53jeNUBw80?hd=1[/glow]

    Check it out and If you don’t want to click my link ;D I understand just go to youtube and type in beastmode19888 in the search.

    Hope you like and please Subscribe

  • #48633
     cyber.spirit 
    Participant

    i always find best resources about se here but i think set is the best tool for it as long as it finds metasploit lol

  • #48634
     Mr Undoubtable 
    Participant

    This is crazy good. Something’s that sound very useful yet I didn’t think of them.
    I don’t really go all out this far when SE-ing but it’s useful to know.

    Thanks!

  • #48635
     Jamie.R 
    Participant

    Glad it was helpful 😛

You must be logged in to reply to this topic.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Copyright ©2018 Caendra, Inc.

Sign in with Caendra

Forgot password?Sign up

Forgot your details?