I was just watching Mr. Robot … an excellent TV show that any security person should find interest in, and they use actual hacking tools and techniques in the show. I saw the Social Engineering Toolkit used on S2 E1. I’ve used Kali Linux before, but never gave much thought to the SET application. If you have 22 minutes to spare and want to see how easy it is to social engineer your way to compromise credentials then watch this…

The kid in the video you can tell is not very far along in Computer Science which makes this even more crazy at how easy it is. Although his example shows a compromise against a host on the same network, the example would work just as well if I was on my network, and wanted to hack you. Standard tools that are so easy to use that you don’t really have to understand 100% of what you are doing. It’s a little scary.

https://youtu.be/XDVsLUpUC84

I’ve also been reading this book… I’ve owned it for a while but just hadn’t cracked it open…

Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker
By Kevin Mitnick
http://amzn.to/29RfF2r

I had the privilege to meet Kevin several years ago. I usually do physical security at a conference called Hackers On Planet Earth (HOPE) https://hope.net  in New York City. It’s a recurring conference that is actually going on this weekend, but I wasn’t able to make it this year. When I met Kevin I was assigned to his mother and grandmother there as their security person at HOPE because I had medical and security experience. He’s a pretty interesting guy, and in his book he goes in to detail about how he penetrated organizations. In this book it’s largely the phone company, and his interactions with the FBI. Hopefully I’ll be lucky enough to learn from him again. Maybe at the next HOPE in two years. 🙂

Once you get hooked on Kevin’s writings then check out these other two books…

The Art of Deception: Controlling the Human Element of Security
Kevin D. Mitnick  (Author), William L. Simon  (Author), Steve Wozniak (Foreword)
http://amzn.to/2a756XO

The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers
Kevin D. Mitnick  (Author), William L. Simon  (Author)
http://amzn.to/2a4aKaj

 

Advertisements