Course: Dean Pompilio on "Social Engineering and Manipulation" at Cybrary Social Engineering (SE) Tools: *Cewl Use Cewl’s spidering process to generate a word list for password cracking *Cupp This tool allows you to generate a list of possible passwords to use in the Dictionary file. cupp.py -l cupp.py - *Creepy Account enumerator tool that does account harvesting *Dradis SE platform [site: edu|org + inurl:"faculty_login.asp | .php" intitle:"Index Of" intext:"iCloud Photos" ORintext:"My Photo Stream" OR intext:"Camera Roll" intitle:"Index of" "DCIM" inurl"CrazyWWWBoard.cgi intext:"detailed debugging information" intitle:"Retina Report" intext:"Confidential Information"] *Maltego Data visualization tool *Recon-NG show modules use netcraft set source [ANY WEBSITE NAME] show hosts use recon/hosts-hosts/resolve run use discovery/info_disclosure/interesting_files use recon/domains-hosts/brute_hosts use ipinfodb use pgp del contactds 1-12 use recon/contacts-credentials/pwnedlist use reporting/html *Scythe Framework Account enumerator tool that does account harvesting. *Creepy Allows to do geolocation for a target by using various social networking platforms to track individuals. *Shodan Crawls the Internet and identifies IP addresses that have a service running. Then it does a banner grab of the service that is running, and it saves the banner information. Social Engineering Toolkit (SET) [*use TinyURL to obfuscate links] Exploitation Lifecycle: *Reconnaissance *Scanning *Gaining Access *Maintaining Access *Cleaning Tracks Reconnaissance: Digital Information Gathering Network lookups Traceroutes Social Engineering? Scanning Port Scanning OS Identification Social Engineering Gaining Access Social Engineering Phishing Spear-phishing Whaling Watering hole Infecting sites well known to victims USB drop Bars & clubs Coffee shops Universities Maintaining access Stealthy, persistent software/hardware implant Rootkits & backdoors Adding a firewall exception Social Engineering? Covering Tracks Deleting logs Disabling auditing Social engineering Social Engineering Technique: Interactive Voice Response (IVR) *Recreate a legitimate-sounding copy of a institutions IVR system *Prompt victim with phishing email to verify information using fraudulent IVR Social Engineering Technique: Quid Pro Quo *Cold call as technical support in hopes of reaching a person with a significant problem *Victim discloses private information and/or installs malware Recon-ng show modules use netcraft set source [ANY WEBSITE NAME] show hosts use recon/hosts-hosts/resolve run use discovery/info_disclosure/interesting_files use recon/domains-hosts/brute_hosts use ipinfodb use pgp del contactds 1-12 use recon/contacts-credentials/pwnedlist use reporting/html Social Engineering Techniques: Targeting * Information gathering is key * Make it personal Show depth Be authentic Provide incentive for revealing information
0 Comments
Leave a Reply. |
AuthorVitali Kremez Archives
July 2016
Categories |