Welcome to the Social 3ngineering Framework (S3F), a behavioral cybersecurity framework focused on the human factor in cybersecurity, specifically, on trust manipulation tactics used in social engineering attacks.
| Resource Type | File | Description |
|---|---|---|
| MITRE Mapping | S3F_MITRE_ATTCK_CSIRT_Reference.md | ATT&CK-aligned tactics for technical teams |
| S3F TTPs | S3F_TTPs.md | Social 3ngineering TTPs Hierarchy |
| Playbook | S3F_SOC_Playbook.md | Incident response snippet with phase tags |
View the full S3F ASCII Tactics Tree
S3F breaks down the various phases of Trust Cycle similarly to MITRE ATT&CK, Lockheed Martin's Cyber Kill Chain, and others, in the following Tactics:
- Reconnaissance
- Pretexting & Deception
- Initial Contact
- Manipulate Trust
- Exploit Trust
- Weaponize Trust
Each Tactic consists of a number of Techniques, and Sub-Techniques that can be found on the TTP Dictionary.
📬 Maintained by curlycris13bits & mshelton 🔗 Fork and contribute your playbooks, simulations, or tools!