Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ACSAC
2010
IEEE
2010
IEEE
Two methodologies for physical penetration testing using social engineering
Penetration tests on IT systems are sometimes coupled with physical penetration tests and social engineering. In physical penetration tests where social engineering is allowed, the penetration tester directly interacts with the employees. These interactions are usually based on deception and if not done properly can upset the employees, violate their privacy or damage their trust toward the organization and might lead to law suits and loss of productivity. We propose two methodologies for performing a physical penetration test where the goal is to gain an asset using social engineering. These methodologies aim to reduce the impact of the penetration test on the employees. The methodologies have been validated by a set of penetration tests performed over a period of two years.
Real-time TrafficACSAC 2010 | Penetration Tests | Physical Penetration Test | Security Privacy | Social Engineering |
Related Content
| Added | 10 Feb 2011 |
| Updated | 10 Feb 2011 |
| Type | Journal |
| Year | 2010 |
| Where | ACSAC |
| Authors | Trajce Dimkov, Wolter Pieters, Pieter H. Hartel |
Comments (0)
Researcher Info
|
