www.social-engineer.org

Interested in participating competitive Social Engineering Championship in Australia? Ahem- intentionally omitted the word 'in a' in the title...for a-you-know...some reason Shout out if you want to get involved - organiser or participant. Let's get something going. Might be something like the [DEFCON event](http://www.social-engineer.org/category/ctf/) or may be something unique. Good opportunity for you to turn those skills into a 'legit qualification' that might get you a security role or help you social engineer other social engineers for lulz. Prefer if you're in Melbourne if you want to help organize this with me, since I'm here too. We might even make some good dosh off it too :) Maybe you'll even find a quality [social engineering partner?](http://www.darkreading.com/informationweek-home/social-engineering-grows-up/d/d-id/1204252) Via la Australian Social Open - the first autonomous social engineering competition!

To those who have read the book "How to win friends and influence people", how much has it helped you in finding a job or making money? I'm studying IT and I expext to graduate with my undergraduate studies soon. I'm thinking od how I could apply or how the book as well as the other here http://www.social-engineer.org/resources/seorg-book-list/ will help me with making/earning money. That site seems awesome! :D

Sidebar Listing of SE-related material? I'm kind of surprised that there isn't a list of recommended materials and websites on the sidebar. Aside from Dale Carnegie, I would have expected: * Robert Cialdini (http://www.influenceatwork.com/) * "Eyes for Lies" Renee (http://www.eyesforlies.com/blog/) * Chris Hadnagy (http://www.social-engineer.org/) ... etc etc. Thoughts?

Some actual social engineering tips (with sources) Since this subreddit is slowly turning into /r/socialskills, I'll step in and provide some content. This is my throwaway porn account, deal with it. Oh, and *I provide sources*, because what I say is based on facts and scientific research, not PUA speculation. **Intro** So you want an internship. You are just like every other student in terms of experience, attractiveness and social skills. What do you do? People will tell you to network, but you have no *leverage*. To employers, you are pretty much worthless. The goal here is one of those two: * Make you seem like you are not worthless * Make you worth more than other students **Getting leverage** Since you have very little experience, we'll cheat a bit. This starts with a few obvious things: * Get a few pairs of eyes on your resume. Your university has people whose only job is to get you hired, and nobody ever pays them a visit. Get your resume reviewed by as many professionals as you can, and come back often. Once the content is good, get in touch with a graphic designer. You have no idea of what good spacing and a nice font selection can do. There are two reasons to do this: The [mere exposure effect](http://en.wikipedia.org/wiki/Mere-exposure_effect) makes these professionals favour you to unknown candidates, and [people prefer attractive things, regardless of their content](http://onlinelibrary.wiley.com/doi/10.1111/j.1559-1816.2003.tb01909.x/abstract). That's on top of the tremendous advantage of having professional help. * Network even without leverage. Even if you are not a special little snowflake, you can take advantage of the mere exposure effect by contacting people on LinkedIn to ask them questions. Connect with them saying that you had a lot of interest in the company and consider applying for internships. Ask them questions, converse with them and get them to refer you to someone in HR. This way, you can say "John Doe from the accounting tea

Some actual social engineering tips (with sources) Since this subreddit is slowly turning into /r/socialskills, I'll step in and provide some content. This is my throwaway porn account, deal with it. Oh, and *I provide sources*, because what I say is based on facts and scientific research, not PUA speculation. **Intro** So you want an internship. You are just like every other student in terms of experience, attractiveness and social skills. What do you do? People will tell you to network, but you have no *leverage*. To employers, you are pretty much worthless. The goal here is one of those two: * Make you seem like you are not worthless * Make you worth more than other students **Getting leverage** Since you have very little experience, we'll cheat a bit. This starts with a few obvious things: * Get a few pairs of eyes on your resume. Your university has people whose only job is to get you hired, and nobody ever pays them a visit. Get your resume reviewed by as many professionals as you can, and come back often. Once the content is good, get in touch with a graphic designer. You have no idea of what good spacing and a nice font selection can do. There are two reasons to do this: The [mere exposure effect](http://en.wikipedia.org/wiki/Mere-exposure_effect) makes these professionals favour you to unknown candidates, and [people prefer attractive things, regardless of their content](http://onlinelibrary.wiley.com/doi/10.1111/j.1559-1816.2003.tb01909.x/abstract). That's on top of the tremendous advantage of having professional help. * Network even without leverage. Even if you are not a special little snowflake, you can take advantage of the mere exposure effect by contacting people on LinkedIn to ask them questions. Connect with them saying that you had a lot of interest in the company and consider applying for internships. Ask them questions, converse with them and get them to refer you to someone in HR. This way, you can say "John Doe from the accounting tea

Some actual social engineering tips (with sources) Since this subreddit is slowly turning into /r/socialskills, I'll step in and provide some content. This is my throwaway porn account, deal with it. Oh, and *I provide sources*, because what I say is based on facts and scientific research, not PUA speculation. **Intro** So you want an internship. You are just like every other student in terms of experience, attractiveness and social skills. What do you do? People will tell you to network, but you have no *leverage*. To employers, you are pretty much worthless. The goal here is one of those two: * Make you seem like you are not worthless * Make you worth more than other students **Getting leverage** Since you have very little experience, we'll cheat a bit. This starts with a few obvious things: * Get a few pairs of eyes on your resume. Your university has people whose only job is to get you hired, and nobody ever pays them a visit. Get your resume reviewed by as many professionals as you can, and come back often. Once the content is good, get in touch with a graphic designer. You have no idea of what good spacing and a nice font selection can do. There are two reasons to do this: The [mere exposure effect](http://en.wikipedia.org/wiki/Mere-exposure_effect) makes these professionals favour you to unknown candidates, and [people prefer attractive things, regardless of their content](http://onlinelibrary.wiley.com/doi/10.1111/j.1559-1816.2003.tb01909.x/abstract). That's on top of the tremendous advantage of having professional help. * Network even without leverage. Even if you are not a special little snowflake, you can take advantage of the mere exposure effect by contacting people on LinkedIn to ask them questions. Connect with them saying that you had a lot of interest in the company and consider applying for internships. Ask them questions, converse with them and get them to refer you to someone in HR. This way, you can say "John Doe from the accounting tea

Social Engineering Recommended Reading. Because I feel like I see at least two or more requests per month, I was wondering if we could dump what we have into a single post and side bar it for future reference. [Social Engineering: The Art of Human Hacking](http://www.amazon.com/Social-Engineering-The-Human-Hacking/dp/0470639539/ref=sr_1_1?ie=UTF8&qid=1351192325&sr=8-1&keywords=Social+Engineering) [What Every BODY is Saying: An Ex-FBI Agent's Guide to Speed-Reading People](http://www.amazon.com/What-Every-BODY-Saying-Speed-Reading/dp/0061438294/ref=pd_sim_b_1) [Influence: The Psychology of Persuasion](http://www.amazon.com/Influence-Psychology-Persuasion-Business-Essentials/dp/006124189X/ref=pd_sim_b_4) *[Influence: Science and Practice (5th Edition)](http://www.amazon.com/Influence-Science-Practice-5th-Edition/dp/0205609996/ref=sr_1_2?ie=UTF8&qid=1351342766&sr=8-2&keywords=Influence+caldini) [How to Win Friends and Influence People](http://www.amazon.com/How-Win-Friends-Influence-People/dp/1439167346/ref=sr_1_1?s=books&ie=UTF8&qid=1351192625&sr=1-1&keywords=how+to+win+friends+and+influence+people) *[How to Win Friends and Influence People in the Digital Age](http://www.amazon.com/How-Friends-Influence-People-Digital/dp/1451612575/ref=sr_1_4?s=books&ie=UTF8&qid=1351214095&sr=1-4&keywords=how+to+win+friends+and+influence+people) [Social-engineering.org newsletter](http://www.social-engineer.org/se-newsletter/) I'm sure there are others that I didn't catch, those are just the ones I feel like I see most often. Dump any others that you feel should be included. *Update [The Art of Deception: Controlling the Human Element of Security](http://www.amazon.com/The-Art-Deception-Controlling-Security/dp/076454280X/ref=pd_bxgy_b_img_y) [The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers](http://www.amazon.com/The-Art-Intrusion-Intruders-Deceivers/dp/0471782661/ref=sr_1_5?ie=UTF8&qid=1351198116&sr=8-5&keywords=Kevin+Mitnick

Why you should check your flash player for CSRF So let me just say that this attack is silly, because of the obviousness of it, as well as the video that was used. This is not the first time this has happened, specifically by the same people, remember when Hack is Wack got hit with this? (http://www.theregister.co.uk/2010/09/06/hackiswack_secure/) http://www.social-engineer.org/player.swf?file=http://disillusion.us/wat.flv What's hilarious about this is that it's from the se.org crew. CSRF is easy to exploit, especially when vulnerable flash players are used and they are widely used. This could be used in a social engineering attack to trick someone who inherently trusts social-engineer.org to run a malicious flash payload. This is simple.

Why you should check your flash player for CSRF So let me just say that this attack is silly, because of the obviousness of it, as well as the video that was used. This is not the first time this has happened, specifically by the same people, remember when Hack is Wack got hit with this? (http://www.theregister.co.uk/2010/09/06/hackiswack_secure/) http://www.social-engineer.org/player.swf?file=http://disillusion.us/wat.flv What's hilarious about this is that it's from the se.org crew. CSRF is easy to exploit, especially when vulnerable flash players are used and they are widely used. This could be used in a social engineering attack to trick someone who inherently trusts social-engineer.org to run a malicious flash payload. This is simple.

Why you should check your flash player for CSRF So let me just say that this attack is silly, because of the obviousness of it, as well as the video that was used. This is not the first time this has happened, specifically by the same people, remember when Hack is Wack got hit with this? (http://www.theregister.co.uk/2010/09/06/hackiswack_secure/) http://www.social-engineer.org/player.swf?file=http://disillusion.us/wat.flv What's hilarious about this is that it's from the se.org crew. CSRF is easy to exploit, especially when vulnerable flash players are used and they are widely used. This could be used in a social engineering attack to trick someone who inherently trusts social-engineer.org to run a malicious flash payload. This is simple.