Quote

Basic requirements for Social Engineering or Hacking

 


1 Information Gathering

● Gather information about the target (company/website/person).
● Discover associated websites, links, companies.
● Associated people, names, emails, phone numbers, social networks, friends.
● Associated social networking accounts.
● Display all info on a graph and build attack strategies.

2 Generating Evil Files

● Create basic evil files for most common operating systems, this includes (but
not limited to):
○ Backdoors.
○ Keyloggers.
○ Password recovery tools.
○ Download & execute payloads.
○ Download & report payloads.

3 Enhancing Evil Files

● Bypass all anti-virus programs.
● Create trojans for most common operating systems.
● Embed evil code in microsoft office documents.
● Make evil file look and function like a normal file (image, pdf ...etc).
● Create perfect spying tools.

4 Delivery methods

● Smart social engineering techniques to deliver evil files.
● Fake login pages.
● Fake update pages.
● Fake update popups.
● Mail spoofing.
● Fake website/youtube traffic.
● And more!

5 Post Exploitation

● Control computers we hacked in previous sections.
● Access file system (open, edit, remove, upload, download) files
● Spying.
● Privilege escalation.
● Accessing camera.
● Pivoting.
● And more!

6 Security

● Secure yourself from social engineering attacks.
● File integrity.
● Analyze files.
● Analyze network connections and running services.
● Run files in the sandbox.

Reactions

Post a Comment

0 Comments

Close Menu