Wednesday, January 8, 2020

The Tools of the Social Engineering

The Tools of the Social Engineering
(Man is a tool-using animal. Without tools he is nothing, with tools he is all. )


The social engineer’s tools category has the potential to be huge, but this book isn’t trying to become a manual on how to pick locks or spoof a phone number. Instead it is an attempt to give you enough information to decide what tools would augment your practice.When it comes to social engineering having a decent toolset can make or break the ability of the social engineer to be successful.
The first section we see, “Physical Tools,” focuses on things like lock picks, shims, and cameras.Here I provide some information on using phone spoofing in a social engineering attack, continues with a discussion of some of the best software-based information-gathering tools on the market, then ends with a discussion about password profiling tools.

  • Physical Tools
Physical security is comprised of the measures that companies or people take to remain secure that do not involve a computer. It often involves locks, motion cameras, window sensors, and the like.
                                             First 
  • Lock Picks
shows a very rough image of a simple lock.


A lock pick simulates the key in moving all the pins into the correct position one by one, allowing the lock to turn freely and open the door. You need two main tools to pick a lock: picks and a tension wrench. Picks are long pieces of metal that curve at the end, similar to a dentist’s tool. They reach inside the lock and move the pins up and down until they are in the right position.


To pick a lock, follow these steps:

  • Insert the tension wrench into the keyhole and turn it in the same direction you would turn the key . The real skill here is knowing how much tension to add—use too much or too little, and the pins won’t fall into place, thus allowing the lock to turn. Providing just the right amount of tension creates a small ledge that offsets the plug enough to catch the pin shafts.
  • Insert the pick and use it to lift the pins one by one until you feel them lock in place. You can hear a slight click when an upper pin falls into position. When you get all the pins into position the plug will rotate freely, and you will have picked the lock.
Business card–sized lock-pick set
 Pocketknife

Cameras and Recording Devices
Cameras and recording devices seem so “peeping Tom-i sh” that many times the question arises, “Why? Why use hidden cameras and covert recording devices in an SE gig?” Good question. It has a simple two-part answer: for proof and protection.
  •  Let’s discuss the concept of proof. As already mentioned, a social engineering audit is where you are testing people. It is trying to help a company patch the human infrastructure to be more secure. 
  • The second reason to use recording devices in an SE gig is for protection, mainly for the professional social engineers.


All of these devices capture audio and color video from a hidden camera except for the pen, which is an audio recorder.

Note:
In part Second We read same other tools and use of GPS Tracker and Same Online Information Gathering Tools  

0 comments:

Post a Comment

Hack Me Tech