A long habit of not thinking a thing wrong, gives it a superficial appearance of being right… Time makes more converts than reason.

—Thomas Paine

Processing information to weaponize and leverage is a neccessary cognitive skill to get into the attacker mindset and use it to its greatest potential. To process information, you have to collect it. You can collect information four main ways: by obtaining, observing, theorizing, and inferring. If you choose the latter two, you will then have to search for information to validate your thoughts.

After you have collected the information, you have to parse it. You will then put it in one of these three buckets:

• Recon: Made up of information that familiarizes you with your targets and their environments
• Pretext: Consists of information that you can directly weaponize in order to disguise yourself as a threat
• Disregard: Consists of items that aren't useful in either of these ways—information you simply dismiss

Once you've decided which bucket the information should go in, you have to weaponize it within its limits, which means not stretching the information for more than it's worth. For example, knowing a company uses Splunk doesn't permit you to call up impersonating a system administrator, security engineer, or Splunk administrator. You will likely not have enough information to fulfill your call objective if you hope to learn more than just how the organization reacts ...