Penetration Testing mailing list archives

Re: Social Engineering Formal Methodology

From: Will Wilkinson <Will () lancre net>
Date: Fri, 8 Mar 2002 02:16:05 +0000

In message <20020307080844.49098.qmail () web20802 mail yahoo com>, IliciRamirez <ilici_ramirez () yahoo com> writes


Hi,

There are many resources available on the web about
Social Engineering (including NLP - my new hobby) -
you can find them on google very quickly. But most of
them contain "what is SE", some examples and
references to other sites with the same stuff.

Anyway ,as far as my research has gone I could not
find any paper on A FORMAL METHODOLOGY for conducting
Social Engineering Assessments.

In any audit if you do not follow a methodology you
cannot guarantee for quality of the work.

So, could anybody give us an advice?

Best Regards,
Ilici R

It is covered in the Open Source Security Testing Methodology Manual<http://ideahamster.org/osstmm-description.htm>.


HTH

Will
--
BadAss - A *small* town in the Ramtops, in the kingdom of Lancre.
lancre.net - The personal domain of Will and Cath Wilkinson.

PGP Fingerprint E089 1736 A023 9E5C AFA3  0B40 E5DC D80A 9E1F D521
Public key can be obtained from ldap://certserver.pgp.com

Attachment: signature.asc
Description:

Current thread:

Social Engineering Formal Methodology Ilici Ramirez (Mar 07)
- Re: Social Engineering Formal Methodology CT (Mar 08)
- Re: Social Engineering Formal Methodology Todd Willey (Mar 08)
- Re: Social Engineering Formal Methodology Will Wilkinson (Mar 08)
- <Possible follow-ups>
- RE: Social Engineering Formal Methodology Brass, Phil (ISS Atlanta) (Mar 09)