My Papers


Attacking Third Party Tracking. 2600 - The Hacker Quarterly. Autumn 2006: 23-3

Information Security from an Intelligence Analysis Perspective

Security and Obscurity on the Internet

Security Philosophy

Social Engineering Vulnerability Evaluation and Recommendation (SEVER) Project
This is a formal methodology for social engineering. There is a lot of cool stuff packed into the instructions so you must read both of the documents.
While it is largely intended for penetration testing some of the techniques are too extreme for that purpose. I want to include all of the concepts that I can think of so feel free to write a watered-down version for business purposes if you'd like.
Thank you to Andrew Reyes for the Spanish translation!
SEVER Instructions
Older Spanish version of the instructions
SEVER Worksheet

Stupid Google Tricks. 2600 - The Hacker Quarterly. Spring 2002: 10-11

Warspying. 2600 - The Hacker Quarterly. Winter 2002-2003: 9