When it comes to social engineering, gathering information about the target is crucial, especially if you target a specific person. **
If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle. (Art of war, Sun Tzu)
In this part we will see how to get information about people _**_which could be useful to personalize social engineering attacks to make them more efficient.


General search: -https://webmii.com -Google Dork : site:linkedin.com -inurl:dir “at company” “Current”
About companies: -https://opencorporates.com/ -https://www.societe.com/ (For France) Employee's feedback and information about companies: -https://www.glassdoor.fr/ -https://www.indeed.fr/companies?from=gnav-acme--acme-webapp​
Social networks/medias:
Image recognition: -https://tineye.com/​


Black-box Penetration Testing - How To Perform External in Organization
GBHackers On Security
GitHub - jivoi/awesome-osint: A curated list of amazingly awesome OSINT
Copy link