![]() White Oak Security is a highly skilled and knowledgeable cyber security testing company that works hard to get into the minds of opponents to help protect those we serve from malicious threats through expertise, integrity, and passion.Ĭontact White Oak Security’s pentesting team. If you are in need of a Social Engineering engagement – contact White Oak Security to discuss further. Once I establish consistent access, I tend to bring more items in to start testing different controls within the building. Typically, when attempting to gain access into a building – I try to keep my setup light, just for quick moving around. What’s In Your Bag?ĭepending on the engagement and what the client considers to be in-scope the items contained within my social engineering toolkit bag can differ all the time. I try to keep all of these tools within a larger laptop carrying bag (shown below). Get out of jail letter (client authorization letter).Legitimate identification (driver’s license).Other items I tend to consider keeping on hand include (but again, are not limited to the following lists. If you want a good tool then SET is there to help you assess your company security cavity. Vulnerability scanners will find the security issues in computer systems, but cannot find them in a human being. I also have a couple of blog posts on utilizing this specific Proxmark3. The Social-Engineer Toolkit (SET) is an open-source Python-driven tool aimed at penetration testing around social engineering. Taking it even further – I also include White Oak Security’s own Skim Job toolset if I am targeting low-frequency HID Prox style cards. ![]() It allows me to clone, emulate, and even brute force RFID cards. ![]() On the RFID side of the house, I like to keep a spare Proxmark3 RDv2 setup. There are a ton of different companies that offer different setups – but one that comes with most of the items needed is this Tactical Entry Kit from Lock Pick Tools (shown below). I tend to keep a standard set of various lock picks on hand, but also like to include the following: The one caveat is that it can be fairly big, however, I have gotten it to fit within a larger laptop bag! Lock Pick Tools The UTDT is very inexpensive – roughly $30, which makes it a no-brainer for anyone doing social engineering engagements. Once in place, pulling down on the cable will move the handle and open the door. This tool is super easy to use, just slide it under the door and work it up over the latch. The Under The Door Tool (UTDT) can be used to open level handle doors from the outside via reaching under the door. Now the following items are what I have included (but not limited to) MY toolkit, these can vary from pentester to pentester. This post will discuss the items I have in my toolkit bag and potentially introduce you to some helpful, handy tools. As a pentester, I have performed 50+ physical onsite social engineering engagements over my professional career and I always bring my social engineering toolkit. One of the many services that White Oak Security offers is Onsite Social Engineering.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |