Chapter 11

The Physical Attack Vector

Gavin Watson,    Senior Security Engineer, RandomStorm Limited

In previous chapters, the groundwork has been laid for an attack. Now it’s time for the real fun, getting into the target, and completes the assessment. The physical side of social engineering is an adrenaline filled roller coaster of highs and lows. This chapter will help to make the most of any limited time on-site and hopefully get away without being caught.


Dumpster diving; shoulder surfing; rogue access points; props and disguises; badges and lanyards; tailgating

Information in this chapter

• Building on the e-mail and telephone attacks

• Active information gathering

• Dumpster diving

• Shoulder surfing

• Photography

• Reception area


