Social Engineering is a distinct and far less technical form of penetration testing that emulates the activities of a malicious user and the variety of techniques used to gain information that further aides or eases the progress of their attack.
As Social Engineering attacks are generally used to test the effectiveness of the Security Awareness program the tests utilized are often unique to the engagement. Where possible, targeting of specific techniques that test the effectiveness of the Security Awareness program is most beneficial.
- Quid-Pro Quo Techniques
- Cubicle Surfing
- Dumpster Diving