{"id":26347213,"url":"https://github.com/yogsec/social-engineering-tactics","last_synced_at":"2026-02-11T03:01:53.468Z","repository":{"id":282278467,"uuid":"948064679","full_name":"yogsec/Social-Engineering-Tactics","owner":"yogsec","description":"Social Engineering Tactics contains real-world social engineering tactics used for manipulation, persuasion, and deception. Stay aware and stay secure! ","archived":false,"fork":false,"pushed_at":"2025-03-31T20:05:50.000Z","size":19,"stargazers_count":29,"open_issues_count":0,"forks_count":2,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-31T21:23:05.510Z","etag":null,"topics":["bugbounty","cyber-security","cyber-security-tool","cybersecurity","cybersecurity-tools","ethical-hacking","hacking","hacking-tools","set","set-toolkit","social-engineering","social-engineering-and-phishing-attacks","social-engineering-attacks","social-engineering-phrases","social-engineering-tactics","social-engineering-techniques","social-engineering-toolkit","social-engineering-tools"],"latest_commit_sha":null,"homepage":"https://linktr.ee/yogsec","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/yogsec.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":["yogsec"],"patreon":null,"open_collective":null,"ko_fi":null,"tidelift":null,"community_bridge":null,"liberapay":null,"issuehunt":null,"lfx_crowdfunding":null,"polar":null,"buy_me_a_coffee":null,"thanks_dev":null,"custom":null}},"created_at":"2025-03-13T17:30:59.000Z","updated_at":"2025-03-31T20:28:18.000Z","dependencies_parsed_at":null,"dependency_job_id":"5d0eb6be-6aa2-4e42-8ecf-16787e304ae6","html_url":"https://github.com/yogsec/Social-Engineering-Tactics","commit_stats":null,"previous_names":["yogsec/social-engineering-tactics"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/yogsec/Social-Engineering-Tactics","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yogsec%2FSocial-Engineering-Tactics","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yogsec%2FSocial-Engineering-Tactics/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yogsec%2FSocial-Engineering-Tactics/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yogsec%2FSocial-Engineering-Tactics/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/yogsec","download_url":"https://codeload.github.com/yogsec/Social-Engineering-Tactics/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yogsec%2FSocial-Engineering-Tactics/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":271738092,"owners_count":24812265,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-23T02:00:09.327Z","response_time":69,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bugbounty","cyber-security","cyber-security-tool","cybersecurity","cybersecurity-tools","ethical-hacking","hacking","hacking-tools","set","set-toolkit","social-engineering","social-engineering-and-phishing-attacks","social-engineering-attacks","social-engineering-phrases","social-engineering-tactics","social-engineering-techniques","social-engineering-toolkit","social-engineering-tools"],"created_at":"2025-03-16T07:16:14.785Z","updated_at":"2026-02-11T03:01:53.453Z","avatar_url":"https://github.com/yogsec.png","language":null,"funding_links":["https://github.com/sponsors/yogsec"],"categories":[],"sub_categories":[],"readme":"# Social Engineering Tactics\n\nWelcome to the **Social Engineering Tactics** repository! This repo. contains ** real-world social engineering tactics** used for **manipulation, persuasion, and deception**. Stay aware and stay secure!\n\n![social engineering tactics list](https://media1.giphy.com/media/v1.Y2lkPTc5MGI3NjExOTcwdTMyem01YTJxaG5yM2I0bGNkOXEweDFuenR6aXI0dmFlNjd1dSZlcD12MV9pbnRlcm5hbF9naWZfYnlfaWQmY3Q9Zw/mSXSC0vivvygw/giphy.gif)\n\n\u003cdiv align=\"center\"\u003e\n      \u003ca href=\"https://www.whatsapp.com/channel/0029Vb68FeRFnSzGNOZC3h3x\"\u003e\u003cimg src=\"https://img.shields.io/static/v1?style=for-the-badge\u0026amp;message=WhatsApp+Channel\u0026amp;color=25D366\u0026amp;logo=\u0026amp;logoColor=FFFFFF\u0026amp;label=\" alt=\"WhatsApp Channel\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://t.me/HackerSecure\"\u003e\u003cimg src=\"https://img.shields.io/static/v1?style=for-the-badge\u0026amp;message=Telegram+Channel\u0026amp;color=24A1DE\u0026amp;logo=\u0026amp;logoColor=FFFFFF\u0026amp;label=\" alt=\"Telegram Channel\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://www.linkedin.com/in/cybersecurity-pentester/\"\u003e\u003cimg src=\"https://img.shields.io/static/v1?style=for-the-badge\u0026amp;message=LinkedIn\u0026amp;color=0A66C2\u0026amp;logo=LinkedIn\u0026amp;logoColor=FFFFFF\u0026amp;label=\" alt=\"LinkedIn\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://linktr.ee/yogsec\"\u003e\u003cimg src=\"https://img.shields.io/static/v1?style=for-the-badge\u0026amp;message=LinkTree\u0026amp;color=25D366\u0026amp;logo=\u0026amp;logoColor=FFFFFF\u0026amp;label=\" alt=\"WhatsApp Channel\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://x.com/home\"\u003e\u003cimg src=\"https://img.shields.io/static/v1?style=for-the-badge\u0026amp;message=X\u0026amp;color=000000\u0026amp;logo=\u0026amp;logoColor=FFFFFF\u0026amp;label=\" alt=\"Lichess\"\u003e\u003c/a\u003e\n  \u003ca href=\"mailto:abhinavsingwal@gmail.com?subject=Hi%20YogSec%20,%20nice%20to%20meet%20you!\"\u003e\u003cimg alt=\"Email\" src=\"https://img.shields.io/static/v1?style=for-the-badge\u0026amp;message=Gmail\u0026amp;color=EA4335\u0026amp;logo=Gmail\u0026amp;logoColor=FFFFFF\u0026amp;label=\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://yogsec.github.io/yogsec/\"\u003e\u003cimg src=\"https://img.shields.io/static/v1?style=for-the-badge\u0026amp;message=Website\u0026amp;color=FFFFC5\u0026amp;logo=\u0026amp;logoColor=FFFFFF\u0026amp;label=\" alt=\"Telegram Channel\"\u003e\u003c/a\u003e  \n  \n\u003c/div\u003e\n\n---\n\n## 📌 Categories of Social Engineering\n- **Psychological Manipulation** 🧠\n- **Building Trust \u0026 Rapport** 🤝\n- **Elicitation Techniques** 🎯\n- **Impersonation \u0026 Pretexting** 🎭\n- **Persuasion Tactics** 🏆\n- **Digital Social Engineering** 🌐\n- **Physical Social Engineering** 🏢\n- **Advanced Social Engineering** 🚨\n\n---\n\n## 🧠 Psychological Manipulation Tactics\n1. **Reciprocity Pressure** – \"Here’s a free sample, now could you buy something?\"\n2. **Authority Influence** – \"The CEO asked me to collect this data from you.\"\n3. **Social Proof Manipulation** – \"Everyone else has done it—why not you?\"\n4. **Scarcity Effect** – \"Only 2 spots left! Hurry!\"\n5. **Commitment \u0026 Consistency** – \"You signed up for a free trial, why not the full plan?\"\n6. **Urgency Triggers** – \"Act now before it’s too late!\"\n7. **Fear-Based Persuasion** – \"If you don’t update now, you’ll lose your account.\"\n8. **Guilt-Inducing Requests** – \"I helped you before, can’t you return the favor?\"\n9. **Exploiting Sympathy** – \"I lost my wallet, can you lend me money?\"\n10. **False Sense of Obligation** – \"You’re my best friend; I know you’ll help me out.\"\n\n---\n\n## 🤝 Building Trust \u0026 Rapport\n11. **Mirroring \u0026 Matching** – Copying someone’s gestures to seem relatable.\n12. **Compliment-Based Influence** – \"You’re amazing at this! Can you help me?\"\n13. **Artificial Common Interests** – \"Oh, you love photography too? So do I!\"\n14. **Using Humor to Disarm** – Joking before making a request.\n15. **Strategic Name-Dropping** – \"John said you’re the best person to ask.\"\n16. **Fake Shared Experiences** – \"I remember you from that event last year!\"\n17. **Using Authority Figures** – \"Your boss recommended I reach out.\"\n18. **Selective Vulnerability** – \"I’m new here, could you guide me?\"\n19. **Forced Familiarity** – Acting as if you already know someone.\n20. **Using Social Media Info** – \"I loved your recent post on LinkedIn!\"\n\n---\n\n## 🎯 Elicitation Techniques\n21. **Open-Ended Questioning** – \"How do you handle password resets?\"\n22. **False Confession Baiting** – \"I already know, but I need confirmation.\"\n23. **Strategic Pauses** – Staying silent to make the other person talk.\n24. **Flattery for Disclosure** – \"You know so much about this, tell me more!\"\n25. **Fake Confidentiality** – \"Just between us, how does your system work?\"\n26. **Reverse Psychology** – \"You probably don’t have access to this, right?\"\n27. **Implying False Info** – \"Your office is on the 3rd floor, right?\"\n28. **Playing Dumb** – \"I don’t understand, can you explain in detail?\"\n29. **Fake Surveys for Data** – \"Take our quick security survey for a reward!\"\n30. **Gossiping to Extract Info** – \"I heard something about a new project… do you know anything?\"\n\n---\n\n## 🎭 Impersonation \u0026 Pretexting\n31. **Posing as IT Support** – \"We need your login details to fix an issue.\"\n32. **Pretending to Be Lost** – \"Hey, do you work here? Can you show me around?\"\n33. **Impersonating an Authority** – \"I’m from corporate security; I need access.\"\n34. **Calling as a “New Employee”** – \"Hey, I’m new. What’s the WiFi password?\"\n35. **Acting as a Delivery Person** – \"I have a package for the manager—can I drop it off inside?\"\n36. **Fake Job Offers** – \"We’d like to hire you; just send us your ID and bank details.\"\n37. **Acting as a Journalist** – \"I’m writing an article—can you share internal details?\"\n38. **Fake Emergency Situations** – \"Your account is compromised! Confirm details now.\"\n39. **Pretending to Be an Old Friend** – \"Hey, remember me from high school?\"\n40. **Fake Customer Complaints** – \"I need my order details; can you verify my account info?\"\n\n---\n\n## 🌐 Digital Social Engineering\n51. **Fake Phishing Emails** – \"Your password is expiring, reset now!\"\n52. **Social Media Manipulation** – Pretending to be someone else online.\n53. **Fake Online Contests** – \"Win a prize! Enter your details.\"\n54. **Creating False LinkedIn Job Offers** – \"We have an open position; send us your CV.\"\n55. **Fake Friend Requests** – Adding someone to gain personal details.\n\n---\n\n## 🏢 Physical Social Engineering\n61. **Tailgating into Secure Locations** – Following someone through a door.\n62. **Dumpster Diving for Data** – Looking through trash for useful info.\n63. **Shoulder Surfing for Passwords** – Watching someone type their password.\n64. **Posing as Maintenance Staff** – \"I need to fix the WiFi in your office.\"\n65. **Using Fake IDs for Entry** – Showing a fake badge to enter.\n\n---\n\n## 🚨 Advanced Social Engineering\n71. **Fake Police or Government Calls** – \"This is the IRS. We need your details.\"\n72. **Fake HR Emails** – \"Update your employee records here.\"\n73. **Fake LinkedIn Recruiter Messages** – \"We have a job opening for you!\"\n74. **Fake Bank Calls** – \"We detected suspicious activity—verify your info.\"\n75. **Fake Social Media Giveaways** – \"You’ve won! Enter your details here.\"\n\n---\n\n## 🛡️ How to Defend Against Social Engineering\n- **Always verify identities** before sharing information.\n- Be skeptical of **urgent** or **emotionally charged** requests.\n- Use **multi-factor authentication (MFA)** to protect accounts.\n- **Limit social media sharing** of personal details.\n- Train employees \u0026 teams on **security awareness**.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyogsec%2Fsocial-engineering-tactics","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fyogsec%2Fsocial-engineering-tactics","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyogsec%2Fsocial-engineering-tactics/lists"}