War Story: “Can I see that?”

When traveling for these types of assessments, we always consider the location of a client’s facilities. Often, we’re fortunate enough that these locations are adjacent to a hotel, café, food court, or a shared facility in general. How does this help, other than the convenience of a nap or food in between efforts? To a malicious actor, one can use this to conduct passive reconnaissance to gather useful information which is anything from the target facility’s dress code, ingress/egress points, security camera placement, style of… … More War Story: “Can I see that?”

Layer 8 Social Engineering Conference – Podcast

Tim Roberts and I had a great discussion with Patrick from the social engineering-focused Layer 8 Conference. Not long ago, I made a post on Twitter asking which topics, tools, techniques others might like to have me write a blog post about. There were some great responses, such as “what do you do when you’re … More Layer 8 Social Engineering Conference – Podcast

10 Classic Cons

As a pentester and former street magician, I have used distraction and trickery to divert the attention of a target, mostly through social engineering. This has helped me professionally and during parties. A 2014 article written by Kacey Henley lists some of the old fashioned short and long cons (albeit names vary) that still work … More 10 Classic Cons