Social Engineering is the art or the ability to manipulate other people to obtain information. In this technique was the use of pure human mindset darikelemahan sendiri.Bercermin of famous hacker "Kevin Mitnick" is now a consultantsecurity, he is popular for its ability to use Social Engineering.Selainkompleksitasnya in applying the concept of a network, use SocialEngineering technique proved successful in the real implementation. Social simple tricks Engineeringsecara suppose you want to get complex data from a perusahaanmaka you simply behave as one employee. Sepertiini easy to get into an office you have to pretend to be one of those darikaryawan then obtain as much data as possible. After knowing akankelemahan of your new company prepare for the next stage yaitupenetrasi system. Easy is not it? In concept this trick does seem sederhananamun real trick is pretty hard to do especially this concept of human penuhmengadopsi mindset towards psycho-analisis.Dalam Social Engineering techniques, have at least some level of harusdipahami. People who are just learning to hacking activities and could get no card through the online store kreditdari tools hack a bit much to be proud of yourself sampaimenyanjung like a real hacker. There was no relationship between these tindakancriminal, it is tantamount to stealing other people's stuff without thinking prosesyang do. The most important thing you can have a name goods curianwalaupun in fact you get through the tools / program hack. To that end, this is where many of the role of Social Engineering techniques applied. The first thing sedikitberkebalikan with human nature that is able to consider themselves "
pretend to be stupid"This technique proved successful real. For example, you inginmengetahui data - specifically data from the office, you will first find clear information - details about the boss or the top brass of one of the employees, well then you informasitersebut capacity. To be able to behave as an employee of kantortersebut like then you ask about the data - data of employees by acting as a messenger from the top brass of the office. The process was seen unfocused andalternating impressed - did not yield any return, but think about when although only a low-ranking employee, you inevitably give jugaharus data - your data or other employees even when there is a messenger of yangberatas call you to ask the boss or senior data perusahaan.Teknik "pretend - play dumb"Is inversely proportional to the persepsimanusia who always want to show the capabilities and accomplishments. However perluanda understand again, when there are many questions - questions about any yanganda not explain him of fools do not understand. Bertanyadalam not understand the concept is not yet started there for memahamilebih in response to what you describe though sometimes you are bored to respond. Not so with this technique, the human race has properties somewhat superior to him, this trend makes a human being let alone malassepenuhnya to share the name of science. Contohketika like you are just learning to be a hacker even stamped orangsekeliling newbie by you and other community members. You would say to the senior sepertiini: "Mas ... I was a newbie please hacking technique", for the most yangmenanggapinya said: "Okee, we are sharing - sharing only what you bisasama me, I'll share too."Surely you are unconsciously telahmelakukan Social Engineering techniques but answers when menjawabuntuk sharing those responses only assume that you are not one taken lightly or setidaknyaanda also know some of the concepts in Social Engineering techniques hacking.Dalam there is no obvious level, but rather the stages yangterakhir able to analyze the human response to psychological semuafactor although manifested in the cyber world, but the technique is capable of menerjemahkanke in character or nature of the human factor is real. In fact, when kitabertatap face with other people, there is a sense of respect and impressions of nature directly ketikaberkomunikasi.While in the cyber world SocialEngineering reading techniques involving human characters are often called the ability "manipulate the character", Because if we have been able to read the character of others, we are also able to do and even similar to the person's character. Dalamdunia it's real hard to do, but in this cyber world can be
performed. Because remember that the cyber world in the form is set dariperwujudan human nature is good in the character avatar (character) in chat ataubahkan as the user account of the particular site. And remember also, the creation of karakteratau more precisely it is we who created the virtual world characters not the world mayayang create our character. So the nature of the hacker is able to change - ubahkarakternya according to the circumstances allow. The character of this nature tidaklahstatis virtual world is a layered interface - layers of the original hacker darikarakter itself. So hard to guess the character of pure seoranghacker in Social Engineering manifestasinya.Untuk application of this technique is not standardized, this technique also be studied iniselain innate ability to understand the nature of dasarmanusia and process them into a psychological analysis. So even then it's up to learn a concept andauntuk Social Engineering as a non-teknikalsebagai media assistance is conceptually hacking activity.
>. Defenition Sosiol Engenering Toolkit
The Social Engineering Toolkit (SET) is a pythonpackage custom-driven tool that focuses solely onthe human element of penetration testing attack. It'smain purpose is to enhance and simulate social-engineering attacks and allows the tester to test how effective a targeted attack can succeed.
1. Java to change the workings of a self-signedcertificate. This shows the great UNKNOWN
now,the sign itself is modified slightly.
2. Added the ability to buy a code signingcertificate and sign automatically. You can also
2. Added the ability to buy a code signingcertificate and sign automatically. You can also
import or make a request.
3. Fixed bug where the attack vector wifi will notrecognize the / usr / local / sbin / dnsspoof
3. Fixed bug where the attack vector wifi will notrecognize the / usr / local / sbin / dnsspoof
as avalid path
4. Fixed bug in new backtrack5 to recognizeairmon-ng
5. Added ability to import your own code without having to produce a certificate signed by
4. Fixed bug in new backtrack5 to recognizeairmon-ng
5. Added ability to import your own code without having to produce a certificate signed by
SET
6. Fixed problem where web template will containtwo java applet on the fault, now is the
6. Fixed problem where web template will containtwo java applet on the fault, now is the
correct loadand only one
7. Fixed problem when using the boundaryexception SET interactive shell, it
7. Fixed problem when using the boundaryexception SET interactive shell, it
usespexpect.spawn and converted intosubprocess.Popen instead
8. Added better detection of imports and error handling around the python readline module.
8. Added better detection of imports and error handling around the python readline module.
The old version of python might not, if it detects that thepython-readline is not installed will
disable tabcompletion
9. Added a new menu to the menu interface is the main SET new certificate is verified
9. Added a new menu to the menu interface is the main SET new certificate is verified
codesigning
10. Fixed bug with SET interactive shell that if youchoose a number that was out of the
10. Fixed bug with SET interactive shell that if youchoose a number that was out of the
various shellsare listed, it will hang. Now throws appropriateexceptions if the number is
invalid or non-numericalexample is given for the input.
11. Added more documentation about the core modules in User_Manual SET
12. SET_User manually updated to reflect version
11. Added more documentation about the core modules in User_Manual SET
12. SET_User manually updated to reflect version
EXAMPLE IMAGE FROM SET.
Tidak ada komentar:
Posting Komentar