2018–033-Chris_Hadnagy-SE-OSINT-vishing-phishing-book_interview-pt2
iSpeech.org
Part 2 of our interview with Chris Hadnagy Discuss more about his book, best ways to setup your pre-text in an engagement how you might read someone on a poker table a great story about Chris's favorite person âNeil Fallonâ from the rock band âClutchâ and we talk about âinnocent lives foundationâ, something near and dear to Chris' heart. We start the second part of our interview with Chris with the question âare the majority of your SE engagements phishing and calls, or is it physical engagements?â
Sponsored Link (paperback on Amazon): https://amzn.to/2NKxLD9
SEORG book list: https://www.social-engineer.org/resources/seorg-book-list/
Chrisâ Podcast: https://www.social-engineer.org/podcast/
SECTF at Derby (contestants are chosen)
Remembering - attention to detail
Remembering details
Can be the difference between success and failure
Social Engineering - the different aspects:
Info Gathering Time constraints Accommodating non-verbals Body language must match mood Using a slower rate of speech Suspending ego RSVP Rapport Psychology âGetting information without asking for itâ Elicitation âThe Dark Artâ -negative outcome for the target Manipulation âGetting someone to do what you want them to doâ Understanding the science of compliance Influence Profiling Communications Modeling Facial Expressions Body Language Donât overextend your reach Knowledge that comes from a point of truth, or is easily faked Pretexting Emotional Hijacking Misdirection Art Science
Questions:
What precipitated the need to write another book?
You bring up several successful operations, and several failuresâŚ
How do you regroup from a failure, especially if the point of entry is someone that âgot youâ...
âThe level of the assistance you request must be equal to the level of rapport you have builtâ -
Seems like understanding this is an acquired skill, not set in stoneâŚ
Many of us in the infosec world are introverts⌠how do you suggest we hone our skills in building rapport without coming off as creepy?
Work place? On the commute?
Does being an introvert mean that it might take longer to get to the goal? Can we use our introverted natures to our advantage?
Get Ryan on the showâŚ
Lots of items
(8 principles of influence)
Typical daily SE activities
Holding a door open, then the person reciprocates
Framing
We donât âkill our dogsâ, we âput them to sleepâ.
Questions from our Slack:
Ben:
Do you feel there's an importance for non-InfoSec adjacent folks to learn about Social Engineering, and maybe go through some sort of training in order to navigate day-to-day life in the modern world?
What does an interview at Chrisâ company look like?
Check out our Store on Teepub! https://brakesec.com/store
Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com
#Brakesec Store!:https://www.teepublic.com/user/bdspodcast
#Spotify: https://brakesec.com/spotifyBDS
#RSS: https://brakesec.com/BrakesecRSS
#Youtube Channel: http://www.youtube.com/c/BDSPodcast
#iTunes Store Link: https://brakesec.com/BDSiTunes
#Google Play Store: https://brakesec.com/BDS-GooglePlay
Our main site: https://brakesec.com/bdswebsite
#iHeartRadio App: https://brakesec.com/iHeartBrakesec
#SoundCloud: https://brakesec.com/SoundcloudBrakesec
Comments, Questions, Feedback: bds.podcast@gmail.com
Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon
https://brakesec.com/BDSPatreon
#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir
#Player.FM : https://brakesec.com/BDS-PlayerFM
#Stitcher Network: https://brakesec.com/BrakeSecStitcher
#TuneIn Radio App: https://brakesec.com/TuneInBrakesec
2018-09-15 22:10:34
source
Gloss