So I watched this talk the other day. It’s a brilliant talk, the recording is a bit quiet and I would recommend turning up the volume to watch it. If you are interested in the human aspect of security it’s a great starting point. It mostly covers the basics of body language, psychology, NLP etc. (all things I like to think I have an understanding of) There’s not much I can improve on, it really is a good talk. However it got me thinking, if you are new to this there’s a lot you have to remember and do, if you are just going from not knowing anything to making snap judgments and adjusting your body language and behaviour accordingly in real-time. So as the title suggests, this is about reconnaissance – Getting as much information about the target you can before you engage with them.

The scenario is: You have a couple of hours where you can watch the target through a window, what can you learn about them? how can you better prepare yourself to build rapport as quickly as possible?


body language
This should be the first thing you should look for, it’s an obvious way to tell how a person is. There are hundreds of books on this topic and various ways of reading people and telling how their feeling or what they’re thinking… some tell-tale signs are:
– crossed arms (defensive or angry)
– palms up (open / honest)
– relaxed posture (sign of innocence)
– nervous, confident, stressed etc.

A good resource for information on this can be found here

This is about finding out a persons learning style, whether it’s auditory, visual or kinesthetic… there are resources all over the web on how to tell, some say it depends on where a persons eyes point when their thinking, and there are various other methods, such as wearing “feeling” clothes, things that feel different most probably means they are a kinesthetic personality.

Once you know this you can tailor your language to appeal to the target. This is a common technique for salesmen and applies well to social engineering. Building rapport quickly and knowing what motivates someone.

Although the scenario is being able to do this from afar I feel this should be discussed also. speech is a great way to profile someone. It can tell you the region they are from and a little on their personality… if they use words like “fabulous” or “fantastic” they are most likely flamboyant in nature, likewise if they use highfalutin words they probably had a good education or are covering for one form of insecurity or another.

Mirroring is a common way to build rapport, and usually this is with regards to body language, but people forget this also applies to speech, mirroring the tone and speed of speech will make the target subconsciously think you must me a like-minded person.

Studying a persons habits can tell you a lot about a person. are they doodling? then they are probably a visual thinker. Drumming a beat with their fingers, probably auditory (maybe kinesthetic) I’m hoping you are starting to see a trend here, but yes this can be used to build rapport.

How people dress is an interesting one. For this I am going to include their hair. Even if a person is in a company uniform they probably still have their own shoes/trainers, are the clothes wrinkled? ironed? If they are neat, polished shoes, neat hair, taking pride in their appearance, they most likely have a conservative personality. Unkempt clothes (hole in shoes, not ironed, messy hair) they may be a sloppy person, either that or they prefer to be relaxed or comfortable… this you will have to decide for yourself and use your judgement on.

The colour of someones clothes can tell you a lot about them. there are many many articles on this and I recommend you google around and find some for yourself, an example would be here

How a person positions themselves can tell you a lot about them. If they are standing it is an overpowering position, they see themself as a person of power or authority. Sitting – the opposite, they are most likely docile. If someones feet are pointed away from others they want to leave the conversation. This is really more body language, but I feel is important to do… also you should remember that this can change from day to day, it is most usually shown from a persons mood that day.

Personality profiles
There are many many different personality profiles, some better than others, it’s really a matter of personal preference. some are DISC, Hartman colours, Big five. This is really a case of learning them all, seeing which one you prefer, or multiple, theres nothing saying you can’t use more than one. This is all about profiling people, putting them into groups, understanding how they work and how you can best leverage this for your own means.

