---
name: social-engineering
description: Social engineering testing - phishing, pretexting, vishing, and physical security assessment techniques.
---

# Social Engineering

Test human-factor security through authorized social engineering campaigns.

## Techniques

- **Phishing** - Email campaigns, spear phishing, credential harvesting
- **Pretexting** - Scenario-based manipulation, impersonation
- **Vishing** - Voice-based social engineering
- **Physical** - Tailgating, badge cloning, dumpster diving

## Workflow

1. Define campaign scope and authorization
2. Develop pretexts and materials
3. Execute campaign with tracking
4. Measure success rates and capture evidence
5. Report findings with awareness recommendations

## Reference

- `reference/social-engineering.md` - Social engineering techniques and methodologies