Re: Pen-Test and Social Engineering

From: Marco Ramilli (gramill@tin.it)
Date: Sun Feb 05 2006 - 13:18:15 EST

• Next message: Steven: "Re: Pen-Test and Social Engineering"
• Previous message: Bruce Martins: "Re: Identification of a Mail Server"
• In reply to: burzella@inwind.it: "Pen-Test and Social Engineering"
• Next in thread: Steven: "Re: Pen-Test and Social Engineering"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

burzella@inwind.it wrote:

>Hi
>In yuor opinion, can a Social Engineering test be considered part of a Pen-Test?
>
>Thanks
>
>------------------------------------------------------------------------------
>Audit your website security with Acunetix Web Vulnerability Scanner:
>
>Hackers are concentrating their efforts on attacking applications on your
>website. Up to 75% of cyber attacks are launched on shopping carts, forms,
>login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
>futile against web application hacking. Check your website for vulnerabilities
>to SQL injection, Cross site scripting and other web attacks before hackers do!
>Download Trial at:
>
>http://www.securityfocus.com/sponsor/pen-test_050831
>-------------------------------------------------------------------------------
>
>
>
>
Obviously ! Social Engineering is the penTest's King.
In a final documentation is essential write about this kind of attack.
It's really a normal attack like MITM or DoS, some time Social is more
dangerous than other kind of attack.

-- 
*************************************
Dott. Ing. Marco Ramilli aka eth0up
Ric Security System:
- http://www.rrsecurity.info
- eth0up@rrsecurity.info
- http://cesena.ing2.unibo.it
- marco.ramilli@studio.unibo.it
personal:
- gramill@tin.it
- marco.ramilli@mac.com
************************************ 
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 
Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Steven: "Re: Pen-Test and Social Engineering"
• Previous message: Bruce Martins: "Re: Identification of a Mail Server"
• In reply to: burzella@inwind.it: "Pen-Test and Social Engineering"
• Next in thread: Steven: "Re: Pen-Test and Social Engineering"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:26 EDT