Social engineering penetration testing focuses on people and processes and the vulnerabilities associated with them. These penetration tests typically consist of an ethical hacker conducting different social engineering attacks such as phishing, USB drops, or impersonation that a person could face during the course of their work.

The goal of this test is to identify weaknesses in a person, group of people, or process and identify vulnerabilities with a clear path to remediation.

I notably focus on campaigns based on:

  • Phishing
  • Spear phishing

Methodology

  • Reconnaissance
  • Exploitation