RE: Pen-Test and Social Engineering

From: Michael Mooney (wolfiroc@earthlink.net)
Date: Sun Feb 05 2006 - 13:32:46 EST

• Next message: Peter Wood: "Re: Pen-Test and Social Engineering"
• Previous message: John: "RE: Pen-Test and Social Engineering"
• Maybe in reply to: burzella@inwind.it: "Pen-Test and Social Engineering"
• Next in thread: Ratna Kumar: "Re: Pen-Test and Social Engineering"
• Reply: Ratna Kumar: "Re: Pen-Test and Social Engineering"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Most certainly. Social engineering is an excellent way of doing a recon of
your target. It's amazing that, despite all the press and warning, people
will still "give up" the information requested if you sound official or
appear to be helping them. Human nature, but human nature can help you
identify what can "kill" the system.

> [Original Message]
> From: <burzella@inwind.it>
> To: <pen-test@securityfocus.com>
> Date: 2/5/2006 1:02:07 PM
> Subject: Pen-Test and Social Engineering
>
> Hi
> In yuor opinion, can a Social Engineering test be considered part of a
Pen-Test?
>
> Thanks
>
>
----------------------------------------------------------------------------

--
> Audit your website security with Acunetix Web Vulnerability Scanner: 
>
> Hackers are concentrating their efforts on attacking applications on your 
> website. Up to 75% of cyber attacks are launched on shopping carts,
forms, 
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are 
> futile against web application hacking. Check your website for
vulnerabilities 
> to SQL injection, Cross site scripting and other web attacks before
hackers do! 
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
>
----------------------------------------------------------------------------
---
>
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 
Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Peter Wood: "Re: Pen-Test and Social Engineering"
• Previous message: John: "RE: Pen-Test and Social Engineering"
• Maybe in reply to: burzella@inwind.it: "Pen-Test and Social Engineering"
• Next in thread: Ratna Kumar: "Re: Pen-Test and Social Engineering"
• Reply: Ratna Kumar: "Re: Pen-Test and Social Engineering"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:26 EDT