Social Engineering Archives - Black Hills Information Security

00387_05112019_PODCAST_Weaponizing_Intel

Password Spray, Phishing, Podcasts, Recon, Red Team, Red Team Tools, Social Engineering Beau Bullock, Demos, FireProx, Mike Felch, PII, recon, Social Media, Social Trust Attack, tools

Podcast: Weaponizing Corporate Intel. This Time, It’s Personal!

Beau Bullock & Mike Felch// Strategically targeting a corporation requires deep knowledge of their technologies and employees. Successfully compromising an organization can depend on the quality of reconnaissance a tester performs up front. Often times testers only resort to using publicly available tools which can overlook critical assets. Download slides: http://www.activecountermeasures.com/presentations/ In this one-hour BHIS podcast […]

Podcast: Play in new window | Download

Subscribe: Android | RSS

Read the entire post here

How-To, Phishing, Recon, Red Team, Red Team Tools, Social Engineering, Webcasts Beau Bullock, Demos, FireProx, Mike Felch, PII, recon, Social Media, Social Trust Attack, tools

Webcast: Weaponizing Corporate Intel. This Time, It’s Personal!

Read the entire post here

Fun & Games, Informational, Social Engineering general infosec, informational, social engineering

Social Engineering in Japan

Kelsey Bellew//* It’s an occupational hazard to see vulnerabilities everywhere. When I see a router sitting in plain sight I think, “The default creds are probably printed on the back; I wonder if those were ever changed?” When I see an unattended locked door propped open by a shoe or a box, it’s “Why would […]

Read the entire post here

C2, External/Internal, General InfoSec Tips & Tricks, How-To, InfoSec 201, InfoSec 301, Red Team, Red Team Tools, Social Engineering C2, C2 Infrastructure, C2K, command and control, Digital Ocean

How to Build a Command & Control Infrastructure with Digital Ocean: C2K Revamped

Lee Kagan* // Expanding upon the previous post in this series, I decided to rewrite C2K (find it here) to change its behavior and options for the user. In this post we will walk through the changes to C2K as well as re-deploy a demo C2 infrastructure with all the new features. It is worth […]

Read the entire post here

Red Team, Social Engineering fun fun fun, helpful help desk, IT Help Desk, maternity leave, password reset, social engineering, VM

Social Engineering – Sometimes It’s Too Easy

Carrie Roberts // A fun story from an adventure in social engineering not too long ago. Thought I’d pass on some things I learned and ways to be more prepared in the future. The Goal Call the IT Help Desk for a customer and try to reset the password for five users. I was not provided the […]

Read the entire post here

InfoSec 201, Red Team, Social Engineering Family Tree Now, genealogy, OSINT, phishing, social engineering

Phishing Family Tree Now: A Social Engineering Odyssey

Joe Gray* // You may have heard about a new genealogy tool called Family Tree Now. It is a (seemingly) 100% free tool (more on that later) that allows you to enumerate your family tree without having to enter much data (initially) beyond your name. While it can be useful – especially if family reunions are […]

Read the entire post here