Hypnosis | Head Hacker

Social Engineering Zombies… Getting people playing your game

In the wonderful world of InfoSec we often talk about zombies, and the associated botnet zombie army. With our army of machines we can do our evil bidding, and wreak havoc upon the unexpected users of the Interwebs.

So what’s this got to do with social engineering? Well I was talking to Jayson Street last week about some of the techniques I have used to get information and assistance from people on the inside of an organisation to help me with an engagement, and I kind of a likened this to creating my own little army of zombies who are willing to do my bidding when asked.

So I will just talk you through a few scenarios, you can then use this information to help formulate your own approach on engagements, and use this information to enhance your training and awareness around social engineering.

One of the key things to realise when you’re looking to do anything that requires influencing and manipulating people, is that we are all going about life playing our own game, or if you’re an NLP fan, operating in your own frame. So when we want someone to accommodate our requests, we need to get them to stop playing their game, and start playing ours. We need to re-frame

One of my most successful approaches to this is social engineering is the use of the fake, and slightly altered get out of jail free letter. This letter will start off with congratulating the individual on challenging you, and to then further explain a modified story of what the engagement is, and that they can now be brought into the circle of trust and help facilitate.

This does a few things. First of all we are starting with positive acknowledgement of success. We all like to be told when we have done well, and having this confirmed in written form as well as verbally is a double whammy. You may even want to take this opportunity to anchor the positive emotions for later use. Next we are given formal written approval to help out on this engagement, so it must be official, and now feel abit more important. Lastly, and I think this is my favourite part; they are in brought into the circle of trust. No one likes anything more than to be part of the secret squirrel brigade, it’s all hush hush and James Bond like.

I find this approach works especially well with security guards. So then you have your zombie, who has internal knowledge and access to most areas within the facility.

Another approach is that of rapport and conformity. This approach requires time invested outside of the targeted facility. The recon process is essential, so you will build up a good understanding of the company, the various departments, and some key senior names etc. You then identify a common location where employees gather. This could be a lunch time or after work cafe or pub, basically somewhere that over time you can have a high level of certainty you will have the same people appear repeatedly.

The next stage is then to build up some rapid friendships, familiarity and some form of common ground. Everyone’s approach here is different, however as I have mentioned before I use the mentalism and beer route, on the premise that most people like a drink, and magic.

So from here people will see me doing different demos in that environment, work your way around to the target, whilst building up their interest. At the appropriate time you start interacting, showing the individuals something interesting, and getting people laughing and having a good time. We like people who make us laugh, and we like people who we consider to be similar to ourselves. Now is the opportunity to also ask information about them, where they work, what department etc, this is achieving confirmation of your research, and is building up rapport. You can then reciprocate with false information about you recently joining the company also, and mentalism etc is your hobby when you’re not working it such and such department.

Now we have a new friend. Friends look out for each other. We can use this friend to get abit more information about the business, strengths and weaknesses. Now when we look to get into the company we can utilise our friend, either entering at the same time as them, or having reception call them to verify you.

So there are just two examples of methods you can use to get people playing your game, you may look to use this directly as described or more indirectly and use these techniques for misdirection to assist a colleague to gain entry.

Finally I will give you a hypnotic example of creating your own REAL Zombie utilising the power of the mind.

Those of you who are not familiar with hypnosis may be poo pooing this already, but please read on for enjoyment if nothing more.

So in this scenario I will use the similar approach with making a new friend, or at least building up a relationship that allows me to demonstrate mentalism and hypnotic phenomena.

So I will go through the motion, and assuming the subject is working well with me and what many would class as the more impressive phenomena such as amnesia is working, then I would look to make a post hypnotic suggestion and give amnesia for the suggestion. As an example you could give the suggestion that the next time you meet and say “let me in” you believe 100% unconditionally that I am authorised to be onsite, and to have access to any areas requested. You then remove conscious memory of this suggestion, in the knowledge that the subconscious will act as expected. If there is going to be a big time gap, it is important to include some time frames in the suggestion also.

The next step is of course to try it. Obviously you have tested other phenomena before giving this post hypnotic suggestion, so you do have a level of confidence, however the brain is a strange and mysterious things, and many things can impact the work you have done before hand. So as with all social engineering engagements, have a plan B, C, D, etc.

The longest I have gone between giving a post hypnotic suggestion, and executing it is a week, however in theory with the correct instruction and intent it should work weeks, months or a year’s gap. In my experience the less time you leave the suggestion, the more successful the results, however this is no doubt a skill issue with me, practice practice

As with all of this, look to practice with permission, and try things on a less elaborate scale. So try just making friends with people in pubs and cafes to test your rapport building skills. Try and get people to help you out in different situations and environments, get them playing your game. If you interested in the hypnosis side of things, of course most importantly is to learn the foundations first and then build up, then when you are at the right stage, try simple to understand post hypnotic suggestions. Something like when I tap you on the shoulder and ask you for a beer you will believe I have just bought you one and its now your turn. The process for the suggestions are all the same, obviously some have more of an impact if they don’t work than others.

Phenomena Activity… Hypno on Camera

So this post is abit late in the week, but I have been busy with work, as well as continual tweaking of the presentation I am working, and helping people to experience hypnosis.

So due to the time constraints I have opted to point you in the direction of the Video section of the site, where you can see 7 new videos of me hypnotising Olly.

Olly works at one of the customer sites I visit on a regular basis. I have hypnotised him before in a pub when we went out for someone’s birthday. He was happy to be hypnotised again, and gave me permission to make the recordings and put them online. The videos give a mixture of what I refer to as conventional (sleep) hypnosis and non trance (eyes open) hypnosis, and various hypnotic phenomena.

There is no fancy filming or flashy effects. As I was on my own I used a tripod with my mini Kodak HD camera to capture the footage. Filming also helps me (still need to be alot more confident on camera) spot where I make mistakes, and tune my approach.

The sample below shows Olly forgetting his name and the number 4 using conventional hypnosis methods. For more check out the videos section.

I would be interested to hear if you find these videos interesting and worth sharing with you? I always look to get some footage when out and about. However for obvious reasons permission is required, and not everyone wants to be a YouTube sensation

Feel free to subscribe to the YouTube Channel by clicking on the logo on the right hand side of the site.

Social Engineering… Is It Ethical??

When I speak to people (non Infosec passionate types) about the work and research I do around the content I post on Head Hacker, I normally get a few responses. Shock, Disgust and Intrigue. People are shocked because they are not aware of some of these skills and process, they are disgusted because it’s not right, it’s not ethical, and a breach of human rights, and then we have the intrigue as I start to really explain what it’s all about, and what I am doing. People are curious of how this knowledge can help and protect them.

So this got me thinking, perhaps I should write a post on why I think people think social engineering is unethical, and why I consider the majority to be ethical, I do think in some circumstances there is a grey area. I have asked quite a few people about their ethical standpoint when it comes to social engineering, as I have on a couple of occasions had semi heated discussions with organisations about techniques that can and can’t be used on an engagement. I personally find most professionals ethical in their approach, but some comments from some do make me shudder. I am confident in the fact that I only operate in areas where I feel comfortable that I will be operating in an ethical manner, other areas I have not quite figured out continue to be researched and debated both internally and externally.

In the research I have done on ethics of social engineering, I have really not found there to be anything about, perhaps people don’t care? I think it is a real issue that all professionals should consider, and take time to reflect upon.

Why people think Social Engineering is unethical….

In my experience most people say social engineering is unethical because you are tricking, or conning someone, stealing data about them, using the information to access sensitive information, get free stuff, gain entry and generally manipulate people to do things, or disclose information. I totally understand this thought process, and in a way I think they are correct, there are people out there doing this, and they are both good and very effective with the skills they have, they have become life time criminals.

The key issue here is the perception and it’s a negative one. Not everyone uses their knowledge and skills for breaking the law, they use their skills and knowledge to better the populous, inform and educate to make people less likely to become a victim. The truth of the matter is, you don’t really stand a chance of beating the bad guys unless you are exposing yourself to the same skills, tools and environments.

In an effort to draw an example, medicine can be used to cure and relieve pain in the right hands. The same medicine in the wrong hands and with the wrong intent can be used to inflict pain, and even kill. Knowledge, process, tools, etc can all be used for positive and negative, it’s the individual who is responsible for the actions and result.

Why and how I think Social Engineering can be ethical….

The first reason I think social engineering is ethical is due to the intent. Now I am not saying that the outcome of the exercise may enable someone to do something malicious, but I don’t think this is a justifiable reason not to gain knowledge, research, test and experiment. If we never did this, the human race wouldn’t evolve. So I feel that any social engineering engagement or activity I undertake or become involved in is for a positive outcome and where appropriate I always seek permission at a high level, and understand any specific areas that are no go, as well as using my own common sense and experiences to guide me. People intentionally manipulate people every day; we have all been doing this since birth. We all have different reasons for manipulation; perhaps we feel it would be best for the person, or best for us. When we negotiate to get a reduction on an item we are buying, this is a form of manipulation, but as we feel we are not harming anyone, it’s considered ethically and morally ok.

So I feel that if you are researching, carrying out SE with permission, and using the information to benefit people, and educate and bring awareness it can be ethical, and this is certainly how I believe I go about things.

It’s a little grey….

So there are some grey areas. Can an organisation give you permission to manipulate and extract information from the staff they employ? Should people who are subject to social engineering activities be punished for being the weak link in the chain? If you gain generic permission, let’s say to hypnotise, then you use this permission to extract sensitive data, is that ok? I am sure we can all think of many more situations that are not so clear.

To be honest, when it comes to these grey areas I am not sure on all the answers. However I try to limit these grey areas by defining up front in an appropriate level of detail what could happen as part of the assessment, types of scenarios and ways to extract data, and that individuals will not be named in reports. Obviously the company may use other techniques to help identify how this information was gained, but that is outside my scope of responsibility. So to that end I would say that I am operating in an ethical manner, and so would anyone else that has considered the above issues. When in doubt don’t do it, if your internal ethical and moral compass is unable to guide you, get additional information and input from others who are in an informed and experienced position.

I certainly don’t think the grey areas are reasons not to carry out social engineering engagements, the criminals are not concerned about ethics, and to test we need to adopt this mindset to a certain degree. It is also important to share our thoughts and research, and we have to let the individuals dig further and use this information as they feel is most appropriate.

So to conclude, if you are interested in social engineering, and you want to work with, investigate and research the skills associated, do so in a professional and ethical manner, be mindful of what you’re planning, put yourself in the subject’s position, how would you feel if someone did to you, what you are planning on doing to them. If you’re happy, then its most like a good sign you will be operating in an ethical manner.

No one has all the answers, but it’s a conversation worth having, and to continually question is a good thing. I hope people reading this will want to share their thoughts and experiences, so I welcome and look forward to reading your comments.

Sub Zero Mind Reading.. The Art of Cold Reading

I know what your thinking! See what I did there Seriously though this post is going to give you a little insight into cold reading, what its all about, a few facts and some ideas how you might want to put this skill to good use.

Wikipedia Definition – Cold reading is a series of techniques used by mentalists, illusionists, fortune tellers, psychics, mediums and con artists to determine or express details about another person, often in order to convince them that the reader knows much more about a subject than they actually do. Without prior knowledge of a person, a practiced cold reader can still quickly obtain a great deal of information about the subject by analyzing the person’s body language, age, clothing or fashion, hairstyle, gender, sexual orientation, religion, race or ethnicity, level of education, manner of speech, place of origin, etc

So what is cold reading all about? Essentially its the process of giving general statements (Barnum Statements) that an individual will find and believe to be very specific and meaningful to them as an individual. This can be achieved by generic statements, or using information gleamed from other sources, body language and general observation.

You may have experienced this yourself if you have been to see a psychic, palm reader or similar. Now before anyone flames me, I am not saying that some people may not have a gift, or at least believe they do, but I have not seen for myself or seen anything documented that convinces me that some sort of cold reading is not at work. Depending on your scepticism you may find the experience interesting, revealing and worth the money, you probably also like to read about your star signs in the daily newspaper also.

The reason I don’t bother trying to convince people otherwise is for two reasons. First of all we are all entitled to our own opinions, and as long as you are entering into the experience with a sound head on your shoulders, and are happy to shell out the money, I guess there is no harm. The other reason is that I have tried to explain in my opinion why its all a load of crap, and I had the opposite outcome and the individuals involved believed that I had some sort of psychic abilities. I thought it was rather humorous, so I will quickly give an overview of the story.

So I was in a pub (common theme here) and a couple of friends where talking about how they had been to see a psychic and how accurate they were, and how it would help them make some difficult decisions they are being faced with. So I said I thought it was all a load of crap, etc etc, and I could prove it as I could give them a reading using a system I had partially learnt at the time. So I went through the process with the first friend, getting them to visualise, etc etc. Then gave them what they called an amazing reading, they were amazed at the accuracy for things I couldn’t have known. The other friend was then also keen after this. Another reading, totally different and again spot on. I was sure I had proven my point. Sadly the result was that as well as being a hypnotist, I must also have some sort of psychic powers, I have the gift…… I give up

From a social engineering perspective I believe there are a few benefits. With my style of SE, where I look to use a mixture of performance, mentalism, hypnosis etc to get information in a social environment it has obviously benefits as the example above gives. You can leverage a good cold reading to then have an intensive and revealing discussion, and during this time extract specific information you may be after for an engagement. Its probably not a surprise after this type of phenomena people are either very curious and want to discuss more, or have totally bought into you, rapport is at an all time high and they could be willing to share all sorts with you.

Obviously once you become more familiar with the process, and the lingo you can simply use the methods and statements in a non psychic setup. Simply use the cold reading techniques to aid with getting buy in, manipulating a subject. You can use these skills to make people more interested in you as well as making people uncomfortable. This can be done in person, via the phone and even my mail. As the statements will appear to give you knowledge about the situation, individual and context of discussion. I really do suggest people look into cold reading at some level with the mindset of applying it in a social engineering context.

If you are interested in reading about cold reading, and how it can be used for manipulation I really do recommend The Full Facts of Cold Reading, by Ian Rowland. Its contents will help you understand the techniques of cold reading, where you take and use these techniques is up to you.

Feel free to check out the Resources section regularly for my recommended readings and products.

Examples of Barnum Statements:

You’ve gone through a lot of ups and downs over the past few years, emotionally and financially, and that has caused some stress in your life.
You have a creative streak that you aren’t always able to indulge in.
You have a fear of rejection.
You feel guilty about and worry about things that are completely out of your control.
You are often too critical of yourself.
Some of your goals seem to be a little unrealistic
You do not accept what others tell you to believe

Derren Brown’s Enigma… Awesome Show!!

Last night I went to see Derren Brown’s Enigma show at the Alexandra Theater in Birmingham. Its not surprise that I am a huge fan of his work, hes a great manipulator and performer. The show was excellent, I really enjoyed the control Derren has over his audience, and what I consider to be very subtle and highly effective linguistic skills. The show lasted almost 3 hours including a little break (I took the opportunity to do some card mentalism at the bar), and he really was on form throughout. Derren asked that no one speaks about the content of the show, so I will respect his wishes, but I really do recommend you go and see the show if you can, you will not be disappointed. The show has given me some other ideas and applications for my mentalism, as well as another possible SE approach, I look forward to developing these.

I will say I only had one disappointment, and that was not getting to say hello to Derren after the show. Apparently he wasnt feeling to well, which is fair enough, shame the guy on the door was a complete arse (not part of Derren’s entourage).

I am sure this will be released on DVD at some point as I believe it was filmed, and he has a new book coming out soon, so if your a fan keep on the look out.

Ride the waves of sensation… Its all about anchoring

You know when you see an object, or hear a song and it instantly takes you back to a moment, and you begin to experience feelings and emotions as if you where re living it. This is essentially what anchoring is, and this is an association we can force and link with an action, sound or situation. We can use this via an NLP approach, or using Hypnosis in the form of a post hypnotic suggestion based trigger.

Wikipedia Definition – Anchoring is a neuro-linguistic programming term for the process by which memory recall, state change or other responses become associated with (anchored to) some stimulus, in such a way that perception of the stimulus (the anchor) leads by reflex to the anchored response occurring. The stimulus may be quite neutral or even out of conscious awareness, and the response may be either positive or negative. They are capable of being formed and reinforced by repeated stimuli, and thus are analogous to classical conditioning.

So its all very interesting, but what good is the knowledge of anchoring to anyone. There are many benefits from a treatment perspective, as well as being a professional in general. In both of these scenarios the subject can focus, concentrate and imagine themselves in a situation of peacefulness, happy, or situation where confident assuming this is the goal. When the subject is in this state, reliving, seeing, feeling, hearing everything associated with this experience, and as it builds this can be anchored to a touch to a specific part of the body. The result should now be that this pleasurable, confident feeling or what ever it may be can be instantly associated when the specific part of the body is touched. These anchors don’t last forever so in the case of therapy should be reinforced on a regular basis, but I am sure its clear to see how this can help when perhaps nervous about giving a presentation, or a situation that may make you nervous, triggering the anchor to give you a boost.

I know what your thinking, this is all well and good, but I am a social engineer, I am about manipulation and getting the job done, I am not interested in therapy for others, and trying to cheer people up when they are feeling down. So don’t you think there may be situations where it would be advantageous to bring someone into a cheerful state when you are trying to manipulate them? Are we not more responsive and accommodating when happy, rather than sad? How about creating a situation of confusion or doubt, where there is uncertainty in your presence somewhere.

These are all situations you can generate and then anchor for later use, alternatively if you observe a naturally occurring anchored sequence that could be used to your benefit, you can simply steal that anchor. As with other methods I have described, my standard approach to these techniques is to carry out the work in a non work environment, so in a bar, cafe etc. A simple effect for confusion could be making someone think green was yellow, and then anchoring that confused state to an arm tap. If you decided to go the hypnosis route, its really more a post hypnotic trigger. So you will give someone instruction under hypnosis that at a later date when you show them something, say something or touch them somewhere they will act in a certain way. Under hypnosis the trigger can be alot more detailed, and seems to last for a longer period of time.

Obviously creating the opportunity is the really difficult part, so that will all be dependant on people styles and how touchy feely, both you are your subject are, as obviously for anchoring some physical contact is usually required.

So this is pretty easy for you to practice with a friend or partner, if you look on YouTube you can see various videos of people doing this. Essentially get your friend or partner to close their eyes and remember a time when they felt a great sense of well being, get them to develop that thought, so they are back there now, seeing what they say, hearing what they heard. As you see the smile, grin or laughter give a firm touch to the right knee (as an example), I normally add the comment of “Thats Right” as you re-experience those emotions now.

Now have them relax and become kinda neutral in feeling, then touch the knee again, this should bring a smile to the face, having them once again experience those positive, enjoyable thoughts, putting them into a happy state. It sounds simple, and it is. Get permission from those you practice with, remember to be responsible and ethical. You can practice anchoring on yourself, however I find trying to focus more difficult as you try and remember what your doing, so leave this until after you are familiar with the process.

Its Hypnosis Jim, but not as we know it.. Hypnosis without trance

Once again I am going to be jabbering on about Hypnosis again. So if you have not noticed by now hypnosis is something that is of great interest to me, and I think having at minimum an understanding of hypnotic language is a valuable addition to your social engineering toolset.

So just a quick history to bring us upto date. I had read a couple of books on hypnosis pre 2009, but things had never really hit home. Then I think it was March 2009 I stumbled across Anthony Jacquin‘s “Reality is Plastic” on a magic forum, and read about the success this guy was having with hypnosis since following the concepts discussed. Well it had me sold so I bought it, and thanks to this book I became The Hypnotist. I also studied other writings, online information and DVDs from Anthony, as well as speaking with him and his business partner Kev Sheldrake helped me develop my skills. I call the method of Hypnosis I learnt from Anthony “conventional” hypnosis, in the sense that it involves the concept of trance, inducing sleep and deepening. I have, and continue to get great success with this approach, and I love it to bits. The only negatives I have found is that if you don’t set up the context right, success issues occur, but that’s a hypnotist issue, and the other is using it from a social engineering perspective, you have to be more creative, and that’s no good if your lazy.

So as mentioned before when I was at the Blackpool Magic convention with Anthony and Kev, I was introduced to James Tripp, and he told me about his Hypnosis Without Trance method of Hypnosis. We spoke about what I do, and the social engineering aspects and we agreed that there is some possible clear benefits. Since Blackpool I have had various online interactions with James, and studied some of his online material, and then began utilising his approach in combination with “conventional” Hypnosis with great results. I didn’t feel as confident with the non trance approach to some extent, I think in a way because I had not officially read, or studied the approach, as a result there was some internal doubt. This was part of the reason for attending the No Fail Protocol Special, and looking to attend James’s Hypnosis Without Trance Workshop.

So fast forward to the 15th May 2010 and I am sat in Regents College in London on the Hypnosis Without Trance Workshop, ready for a weekend of educating my grey matter as well as hacking some

What can I say, it was an excellent two days. I really enjoy James’s teaching approach, its very casual, he gives lots of background, explanation, has no issues with interruption and questioning or challenging. Obviously as you would hope for there is also the actual doing of hypnosis and learning as you go with your fellow class mates. The class had a great selection of people, and everyone got on well. I would say about 50% had the ability to hypnotise to some degree already using “conventional” methods, so this made for good discussion and education for everyone involved.

The main objectives of the course for me were to take steps to mastering this approach and building on what I had observed and practised to date, and I would say I achieved this as I had great successes all weekend. I wanted to discuss and examine possible limitations for my work from a social engineering perspective, and how I could utilise the conventional skills I have already, and as always to meet new people, and willing subjects to practice some head hacking with, and share my thoughts and opinions. I met, and possibly exceeded these objectives. So where from here for me? Well my approach to education and developing my skills is to expose myself to information and knowledgeable people on topics I think will be of benefit me, I then take all the various information and form my own opinions and approach. So moving forward I can see myself really utilising the Hypnosis Without Trance approach, and replacing alot of the “conventional” hypnosis methods I use as I think the non trance is more covert for the lack of a better word. It will also make me become a better hypnotist, and utilise both skills sets I have at my disposal. I would certainly like to work with James again, as I have got to know him even better over the weekend, he’s not only a great guy, he has lots of good insight, and NLP knowledge (in a good way, I have NLP hang ups), and I enjoy the discussions we have.

So if you want more information on Hypnosis Without Trance visit James’s website, you can sign up for his free paper on his approach, and no need to worry he isnt a spam king. Also check out Jame’s blog for more tit bits of information and videos. If you cant make a training, its worth considering the study at home Hypnosis Mastery Programme. I have not looked at all the material myself at this stage as I attended the workshop, but the content I have seen looks excellent.

Finally I will just share a final experience from the weekend, that for me showed the benefit. I know someone who in the past I have tried to Hypnotise with “conventional” hypnosis and I never had any success. In his own words, his brain is just to powerful. First time I tried it with the Hypnosis Without Trance approach, I had multiple phenomena. Hand stuck, feet stuck, arms locked, and name amnesia. Its a powerful approach, and it works. Just imagine what can be achieved with the knowledge of both. The mind is a power tool, make sure you keep it with you, and don’t walk around in a mindless state.

After the last class on Sunday, one of the attendees was kind enough to be videoed as I carried out some grey matter hacking. This was my first time being recorded, and it wasn’t really planned, so the nerves kicked in a little, and my cold didn’t help. However, great successes, and just gives an example of what this looks like. I was unsure if I would share this, but I think it shows me where I need to develop further, and will force me to get some decent planned non amateur footage, and help measure progression.

These three video clips are all using the Hypnosis Without Trance method, no sleep, no deepening, just direct, powerful hypnosis.

If you are also interested in the courses and DVD’s offered by Anthony Jacquin in addition to the RIP booked I mentioned already, please check out his Head Hacking site, for more information on his Manchurian Approach and Trilby Connection. Please let Anthony know how you found about about his products.

Hypnosis.. The No FAIL Protocol

Earlier on in the year I attended the Blackpool Magic Convention, it was a great event and I met some great hypnotists and magicians. Whilst I was there I was introduced to a guy called James Tripp. James came across as a nice approachable guy, and it turned out he was a hypnotist as well, but he had a slightly different approach to hypnosis. James was all about hypnosis without trance, and this was interesting, so we got talking, and its really very interesting, but I will tell you more about this next month after I attend his official course.

So why have I told you a little about James, well he asks an interesting question. What would you do with hypnosis if you knew you couldn’t fail? Its an interesting thought provoking question. Well James looked to answer this question with a one off exclusive course, called the No Fail Protocol, and I was lucky enough to attend. The day was recorded, and its my understanding that even though this day will not be repeated, the DVD of the day will be available from James’s website at a reasonable price in the future (I will keep you posted).

So what is the no fail protocol? James defines it as the following:
A code of ‘correct’ conduct that when followed allows the hypnotist to operate to his / her fullest extent 100% free from any perceivable failure!! Its an insurance against failure.

This is exactly what we achieved on the course, working examples and demonstrations to give an approach / strategy that gets you thinking out of the box and planning ahead. What this gives you is opportunity and manoeuvres, and I guess what they say in the magic world to some extent multiple outs. It really does then get you thinking about what you could achieve via hypnotic methods if you knew you couldn’t fail. When you approach hypnosis looking to learn from failure, as opposed to looking for success you may also find your results are not quite as you expect, give it a try.

So from a social engineering perspective, it can really get you thinking and challenging yourself. What information can you really extract from an individual using hypnotic suggestion. Why go to all of the trouble of brute force cracking a password, when you can simply ask and be told? What are the boundaries, practically and also ethically?

If you are interested in the No Fail Protocol, and the Hypnosis without trance (HWT) methods I encourage you to head over to James’s site for more information. If you decide to contact James, or attend one of his courses, please let him know where you found out about it. I think the HWT really can be of benefit over conventional hypnosis for the social engineer, but I will discuss this more after I attend the official course, and put it to use in the field. James also has a blog, where he posts his thoughts, and some videos, its worth a look also.

When conducting hypnosis there are various critical moments. These critical moments are formed from within the frame you are setting up. When a critical moment occurs the normal experience is success or fail. However if we ensure we have manoeuvrability we have both the option to jump over to the next critical moment, or execute an exit strategy.

Hypnosis… Mumbo Jumbo or the Real Thing

Next lets look at Hypnosis. I am sure everyone is familiar with the term hypnosis, and we all have our own conception of what hypnosis is. Of course we are all entitled to our own opinions and views, and many will simply dismiss hypnosis as mumbo jumbo, and that’s fine, in fact that was also my opinion before I learnt more about hypnosis and became a hypnotist myself.

Wikipedia Definition – Hypnosis is a mental state (state theory) or set of attitudes and beliefs (non-state theory) usually induced by a procedure known as a hypnotic induction, which is commonly composed of a series of preliminary instructions and suggestions.

I find it interesting when I speak to people about hypnosis, but that believe it to be a load of nonsense and those who believe. The interesting this is, even if you don’t believe, most people don’t want to try it, even though they are sure nothing will happen. Like myself in the past, its cant be real, but what if……

When you do speak to someone who has not been hypnotised but wants to be, and you ask them most people believe they will experience something like the following:

I will fall asleep, into a blank state of nothingness, I wont be able to feel anything, hear anything, see anything. I will no longer be in control.

Its an interesting view, and I think its due to what we see on TV and in movies. Everyone’s hypnotic experience is different, but you can be assured of a few things. You will feel completely normal, everything is the same, you can hear everything, you can feel, see, talk. This may sound odd to some, but lets really understand what’s happening.

Everyone in my opinion has experienced hypnosis in a way. If you have had a day dream, found yourself staring out of the window, concentrating and thinking about something, and then suddenly becoming aware of what’s going on. This in my experience is just like a typical hypnotic experience. You are fully aware, you know what’s happening, reality is still constant, but if suggested, altered for a period of time.

Hypnosis is often considered to be a form of trance, and I guess in a way that is true, but then you would assume that you would need to be put into this trance, however many skilled hypnotist work through conversational hypnosis that does not involve any closing of the eyes and sleep commands. Everyone has an opinion, and I don’t believe there is any right or wrong. Hypnosis to me is a state where you are highly concentrated, using the power of your unconscious mind (like when you dream), and imagining and experiencing real or imagined suggestions.

Many believe that even when someone is hypnotised, that they are actually just playing along. I am sure this is true, and I think this is because especially in a group setting, there is a desire to be compliant, and this can be advantageous. However those who have been hypnotised, and those who are a hypnotist know that the suggestions are very real, and if you test your work, you can verify this to be true.

Scientists and those in the medical profession have also carried out testings on various levels and have confirmed hypnosis to be true. Below is a simple image that represents a brain scan, that showed the reactions of someone hypnotised, and someone playing along. The scans clearly show they hypnotised subject to be using different parts of the brain. Its a simple, but interesting image.

Many people will ask can everyone be hypnotised. I think yes to some extent. I am not sure how accurately the figure of 90% is, but apparently 90% of the worlds population can be hypnotised. Being hypnotised does require skill of being a subject, as well as the skill of the hypnotist. If someone is unable to concentrate, use their imagination, or grasp the concepts will have great difficulty. Now the 90% of people may not experience a deep state of hypnosis, that would allow for amnesia, hallucinations, analgesia, but most will experience a relaxed therapeutic state, and experience sensations and catalepsy. Some people are considered to be a somnambulist (sleep walker), and these make for people who are very receptive to hypnosis, and make great subjects. Something linked with this is permanosis. This is where an individual can be receptive to the hypnotist without re-induction, I can only attempt to define it as a subconscious bonding, that may last for a variable length of time.

Like all things, hypnosis takes practice, and requires various skills, and we will go into these in later posts. I will close of with a few comments for thought and consideration.

If you are a hypnotist, remember to test your work, remember both ethical and moral boundaries for the subject, and remember to bring your subject out of hypnosis fully, reassure and verify before moving on.

If you have not been hypnotised, and believe it to be real or not, do your homework, and make an informed education decision. We are all entitled to our own opinions and believes, just challenge them from time to time.

* I should point out the hypnosis I carry out is impromptu (rapid induction) hypnosis. I am not a hypnotherapist, or a stage hypnotist.