Metasploit mailing list archives
Re: Sample Contracts for Pen Testing
From: Christian Heinrich <christian.heinrich () cmlh id au>
Date: Sat, 1 Sep 2012 15:29:32 +1000
I would assume that you are intending to undertake something similar to http://www.social-engineer.org/framework/Computer_Based_Social_Engineering_Tools:_Social_Engineer_Toolkit_(SET) and hence you would be required to seek indemnity from each employee (since they own the device(s) you are targeting i.e. the system owner) and not the company itself. Obviously, this would dilute the effectiveness of the smishing and phishing e-mails since they would be forewarned (of such e-mails). On Tue, Aug 28, 2012 at 3:06 AM, Chip <jeffschips () gmail com> wrote:
Or any insights into this particular scenario would be appreciated, particularly as it relates to sending smishing and phishing emails to employees who bring their own wireless devices into a company environment and use the company's network, as well as those employees who use their company-owned wirelessly connected devices at the workplace.
-- Regards, Christian Heinrich http://cmlh.id.au/contact _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Sample Contracts for Pen Testing Chip (Aug 27)
- Re: Sample Contracts for Pen Testing Giles Coochey (Aug 28)
- Re: Sample Contracts for Pen Testing Stephen Haywood (Aug 30)
- Re: Sample Contracts for Pen Testing Daniel Clemens (Aug 30)
- Re: Sample Contracts for Pen Testing Christian Heinrich (Aug 31)