Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Pen-Test and Social Engineering

From: "Fixer" <fixer907 () gmail com>
Date: Sun, 5 Feb 2006 12:55:03 -0900
Absolutely. If you're not doing it you're missing a vital part of a pen-test. It's not a complete pen-test unless you're checking that and physical security. One word of warning though: make sure your client understands that you're going to be doing social engineering as part of the test. Otherwise they're liable to get a bit grumpy. 

-Fixer
----- Original Message ----- From: <burzella () inwind it> 
To: <pen-test () securityfocus com>
Sent: Friday, February 03, 2006 5:03 AM
Subject: Pen-Test and Social Engineering



Hi
In yuor opinion, can a Social Engineering test be considered part of a Pen-Test? 

Thanks




------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: 

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: