Category: Social Engineering

Vintage Security Awareness Posters

May 11, 2018

While working on a two-week long engagement with a client, we had built enough rapport to joke openly, and be ourselves (which is a scary thought). Through this, I had started teasing him about his departments “security awareness” posters. These things were so cheesy. So, at the end of the two weeks, as we were … More Vintage Security Awareness Posters

Vintage Security Awareness Posters

Physical Assessments Against Hospitals

December 22, 2017

Recently, I performed a physical assessment against a large hospital. There are several gaps that were discovered, but I will not cover those in this post. With the high level of traffic in an environment like a hospital with many employee types, patients, vendors, volunteers, etc., it’s common for many people to be in/out of … More Physical Assessments Against Hospitals

Leave a comment Physical Assessments Against Hospitals

OSINT Resources

November 8, 2017

Here, we are going to document useful tools we utilize during the Open-Source Intellignce (OSINT) phase of our assessments. Feel free to send suggestions of tools/websites that you like to use as well. https://start.me/p/ELXoK8/bellingcat-osint-landscape A wealth of links broken down into different categories. Highly recommended! http://osintframework.com/ Excellent starting point! A well-maintained repository of well-known OSINT … More OSINT Resources

DEFCON SE Village Talk

October 23, 2017

SE Village talks are now available! Check out our most recent talk “Skills For A Red Teamer” … More DEFCON SE Village Talk

DEFCON SE Village Talk

Red Team Field Kit – Lite

September 5, 2017

A small toolkit for the field when performing onsite social engineering assessments. … More Red Team Field Kit – Lite

Red Team Field Kit – Lite

Know your adversary: Focus on social engineering

August 28, 2017

Podcast discussing social engineering and knowing your adversary. … More Know your adversary: Focus on social engineering

Know your adversary: Focus on social engineering

10 Classic Cons

February 7, 2017

As a pentester and former street magician, I have used distraction and trickery to divert the attention of a target, mostly through social engineering. This has helped me professionally and during parties. A 2014 article written by Kacey Henley lists some of the old fashioned short and long cons (albeit names vary) that still work … More 10 Classic Cons

10 Classic Cons

Red Team Toolkits

February 1, 2017

A couple of tips and examples of the “Red Team Toolkits” that we typically use in the field. … More Red Team Toolkits

Red Team Toolkits

Hak5 LAN Turtle

November 8, 2016

My #Hack5 LAN Turtle is ready for deployment! This has certainly been a helpful tool to use for #SocialEngineering assessments. –Brent

Hak5 LAN Turtle

The Thief

November 2, 2016

A blog that Tim wrote about a recent red team assessment utilizing a RFID thief hidden inside a “covert clipboard”: https://www.solutionary.com/resource-center/blog/2016/11/the-thief/

The Thief

Posts navigation

Older posts

Tim Roberts Brent White – Social Engineering, Red Team, Hacking, Physical Security, Cyber Security