2018-032-chris Hadnagy, discusses his new book, OSINT and SE Part 1
Published September 8, 2018
37 min
    Add to queue
    Copy URL
    Show notes

    Christopher Hadnagy Interview:

    Origin story

    • connoisseur  of moonshine

    Social Engineering: The Science of Human Hacking 2nd Edition

    Sponsored Link (paperback on Amazon): https://amzn.to/2NKxLD9

    SEORG book list: https://www.social-engineer.org/resources/seorg-book-list/

    Chris’ Podcast: https://www.social-engineer.org/podcast/


    SECTF at Derby (contestants are chosen)



    Remembering - attention to detail

        Remembering details

        Can be the difference between success and failure

    Social Engineering - the different aspects:

    1. Info Gathering
      1. Time constraints
      2. Accommodating non-verbals
      3. Body language must match mood
      4. Using a slower rate of speech
      5. Suspending ego
      6. RSVP
    2. Rapport
    3. Psychology
      1. “Getting information without asking for it”
    4. Elicitation
      1. ‘The Dark Art’ -negative outcome for the target
    5. Manipulation
      1. “Getting someone to do what you want them to do”
      2. Understanding the science of compliance
    6. Influence
    7. Profiling
    8. Communications Modeling
    9. Facial Expressions
    10. Body Language
      1. Don’t overextend your reach
      2. Knowledge that comes from a point of truth, or is easily faked
    11. Pretexting
    12. Emotional Hijacking
    13. Misdirection
    14. Art
    15. Science




        What precipitated the need to write another book?

        You bring up several successful operations, and several failures…

            How do you regroup from a failure, especially if the point of entry is someone that ‘got you’...

    “The level of the assistance you request must be equal to the level of rapport you have built” -

        Seems like understanding this is an acquired skill, not set in stone…


    Many of us in the infosec world are introverts… how do you suggest we hone our skills in building rapport without coming off as creepy?

    Work place? On the commute?

    Does being an introvert mean that it might take longer to get to the goal? Can we use our introverted natures to our advantage?

            Get Ryan on the show…        


    Lots of items

    (8 principles of influence)   


    Typical daily SE activities

        Holding a door open, then the person reciprocates



        We don’t ‘kill our dogs’, we ‘put them to sleep’.

    Questions from our Slack:



    Do you feel there's an importance for non-InfoSec adjacent folks to learn about Social Engineering, and maybe go through some sort of training in order to navigate day-to-day life in the modern world?


    What does an interview at Chris’ company look like?





    Check out our Store on Teepub! https://brakesec.com/store

    Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com

    #Brakesec Store!:https://www.teepublic.com/user/bdspodcast



    #Youtube Channel:  http://www.youtube.com/c/BDSPodcast

    #iTunes Store Link: https://brakesec.com/BDSiTunes

    #Google Play Store: https://brakesec.com/BDS-GooglePlay

    Our main site:  https://brakesec.com/bdswebsite

    #iHeartRadio App:  https://brakesec.com/iHeartBrakesec


    Comments, Questions, Feedback: bds.podcast@gmail.com

    Support Brakeing Down Security Podcast by using our #Paypalhttps://brakesec.com/PaypalBDS OR our #Patreon


    #Twitter@brakesec @boettcherpwned @bryanbrake @infosystir

    #Player.FM : https://brakesec.com/BDS-PlayerFM

    #Stitcher Network: https://brakesec.com/BrakeSecStitcher

    #TuneIn Radio App: https://brakesec.com/TuneInBrakesec

        0:00:00 / 0:00:00