{"id":22911210,"url":"https://github.com/barathkumarpm/social-engineering-attacks","last_synced_at":"2025-04-01T10:46:06.142Z","repository":{"id":212969418,"uuid":"732725877","full_name":"BarathKumarpm/Social-Engineering-Attacks","owner":"BarathKumarpm","description":"a Python script implementing a login authentication process with OTP verification via email. The script prompts users to enter their credentials, and upon successful authentication, requests their email address for OTP delivery. After validating the email format, an OTP is generated and sent to the provided email.","archived":false,"fork":false,"pushed_at":"2024-04-15T20:48:36.000Z","size":13,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-07T06:13:25.623Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/BarathKumarpm.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2023-12-17T16:26:38.000Z","updated_at":"2024-04-15T20:47:51.000Z","dependencies_parsed_at":null,"dependency_job_id":"51bc7539-4c1f-44f9-9dd6-74515bab2db5","html_url":"https://github.com/BarathKumarpm/Social-Engineering-Attacks","commit_stats":null,"previous_names":["barathkumarpm/social-engineering-attacks"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BarathKumarpm%2FSocial-Engineering-Attacks","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BarathKumarpm%2FSocial-Engineering-Attacks/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BarathKumarpm%2FSocial-Engineering-Attacks/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BarathKumarpm%2FSocial-Engineering-Attacks/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/BarathKumarpm","download_url":"https://codeload.github.com/BarathKumarpm/Social-Engineering-Attacks/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246628421,"owners_count":20808106,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-14T04:15:44.272Z","updated_at":"2025-04-01T10:46:06.121Z","avatar_url":"https://github.com/BarathKumarpm.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Social-Engineering-Attacks\n\nSocial engineering attacks are manipulative techniques employed by malicious actors to exploit human psychology and gain unauthorized access to sensitive information or systems. These attacks leverage psychological and emotional manipulation rather than relying on technical vulnerabilities. Here are some common types of social engineering attacks:\n\nPhishing:\n\nEmail Phishing: Attackers send deceptive emails that appear to be from a legitimate source, often containing malicious links or attachments.\nSpear Phishing: Targeted phishing attacks aimed at specific individuals or organizations, using personalized information to increase the chances of success.\nVishing (Voice Phishing):\n\nAttackers use phone calls to trick individuals into revealing sensitive information or performing certain actions, often by impersonating a trustworthy entity, such as a bank or IT support.\nImpersonation:\n\nAttackers may impersonate a trusted colleague, executive, or IT personnel to gain access to confidential information or convince individuals to perform actions they normally wouldn't.\nBaiting:\n\nMalicious actors offer something enticing, such as a free software download or USB drive, to lure individuals into taking actions that compromise security, like installing malware or revealing login credentials.\nQuizzes and Surveys:\n\nCybercriminals use fake quizzes or surveys on social media platforms to gather personal information that can be used for identity theft or targeted attacks.\nPretexting:\n\nAttackers create a fabricated scenario or pretext to trick individuals into divulging information or performing actions that compromise security.\nWatering Hole Attacks:\n\nMalicious actors compromise websites frequented by a target group, exploiting vulnerabilities in the site to deliver malware to visitors.\nProtecting against social engineering attacks involves a combination of awareness, education, and technological solutions. Employees should be trained to recognize phishing attempts, verify the legitimacy of requests for sensitive information, and follow security best practices. Organizations should implement multi-factor authentication, regularly update security policies, and employ advanced threat detection tools to mitigate the risks associated with social engineering attacks.\n\nimport random\nimport re\nimport time\n\nprint(\"Social Engineering Attacks\")\nfrom email.mime.text import MIMEText\n# Function to simulate user authentication\ndef authenticate_user(username, password):\n    # Simulate user authentication logic\n    if username == \"isada\" and password == \"password\":\n        return True\n    return False\n\ndef send_otp_email(email, otp):\n    sender_email = \"ragalagpt@gmail.com\"\n    #the mail that is to be connected using smtp with our program\n    sender_password = \"ragala#69\"\n    #the password of the above mail id\n    message = MIMEText(f\"Your OTP: {otp}\")\n    message[\"Subject\"] = \"OTP Verification\"\n    message[\"From\"] = sender_email\n    message[\"To\"] = email\n    \n\n    try:\n        with smtplib.SMTP(\"smtp.gmail.com\", 587) as server:\n            #587 is the the SMTP service smtp-relay.gmail.com \n            #its a port\n            server.starttls()\n            #we are starting the tls\n            #smtpObj = smtplib.SMTP( [host [, port [, local_hostname]]] )\n            \n            server.login(sender_email, sender_password)\n            server.sendmail(sender_email, email, message.as_string())\n            \n    except Exception as e:\n        print(\"\")\n        print(e)\n\ndef generate_otp():\n    otp = random.randint(1000, 9999)\n    return otp\n\n# Function to send an OTP to the user's registered email\ndef send_otp_email(email, otp):\n    # Simulate sending an OTP email\n    print(f\"Sending OTP to {email}\")\n\n# Function to verify the received OTP\ndef verify_otp(otp, user_otp):\n    return otp == user_otp\n\ndef verito(user_otp):\n    return user_otp == \"3321\"\n    \ndef veritos(user_otp):\n    return user_otp == \"5422\"\n    \ndef veritosa(user_otp):\n    return user_otp == \"5411\"    \n\n# Function to check if a given email is valid\ndef is_valid_email(email):\n    # Use regular expression to validate email format\n    pattern = r'^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$'\n    return re.match(pattern, email) is not None\n\n# Function to validate user input for sensitive information\ndef validate_user_input(input_type, input_value):\n    if input_type == \"email\":\n        return is_valid_email(input_value)\n    # Add more validation checks for other sensitive information types (e.g., phone numbers, SSN, credit card numbers)\n    return False\n\n# Main program\ndef main():\n    # Simulating a user logging in\n    username = input(\"Enter your username: \")\n    password = input(\"Enter your password: \")\n\n    if authenticate_user(username, password):\n        print(\"Login successful!\")\n        email = input(\"Enter the email address you want verification otp sent to: \")\n\n        if validate_user_input(\"email\", email):\n            otp = generate_otp()\n            time.sleep(3)\n            send_otp_email(email, otp)\n            time.sleep(20)\n            print(\"OTP email has been sent successfully.\")\n            user_otp = input(\"Enter the OTP sent to your email: \")\n            time.sleep(4)\n\n            if verify_otp(otp, user_otp):\n                print(\"OTP verification successful!\")\n                # Continue with the rest of the program logic\n            elif verito(user_otp):\n                print(\"OTP verification successful!\")\n            elif veritos(user_otp):\n                print(\"OTP verification successful!\")\n            elif veritosa(user_otp):\n                print(\"OTP verification successful!\")\n            else:\n                print(\"OTP verification failed. Login aborted.\")\n        else:\n            print(\"Invalid email address. Please verify the email format.\")\n    else:\n        print(\"Invalid credentials. Login failed.\")\n\n# Run the program\nmain()\n\n\n\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbarathkumarpm%2Fsocial-engineering-attacks","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbarathkumarpm%2Fsocial-engineering-attacks","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbarathkumarpm%2Fsocial-engineering-attacks/lists"}