Hunter Storm with platinum blonde hair, turquoise blue leather jacket, holding a microphone, smiling, and showcasing achievements with the glowing blue Hunter Storm logo. This image embodies the dynamic entertainer and innovation leader.

By: Hunter Storm

Published:

Professional headshot of Hunter Storm, a global strategic leader, AI expert, cybersecurity expert, quantum computing expert, strategic research and intelligence, singer, and innovator wearing a confident expression. The image conveys authority, expertise, and forward-thinking leadership in cybersecurity, AI security, and intelligence strategy.
Hunter Storm: “The Fourth Option.”

Hunter Storm is a CISO, President, Advisory Board Member, SOC Black Ops Team Member, Systems Architect, QED‑C TAC Relationship Leader, and Cyber‑Physical‑Psychological Hybrid Threat Expert with decades of experience across global Fortune 100 enterprises and critical‑infrastructure environments. She is the originator of the field of Human‑Layer Security and multiple adjacent disciplines through her foundational framework, Hacking Humans: The Ports and Services Model of Social Engineering (1994–2007), which established system‑level metaphors that now underpin modern socio‑technical security practice.

Hunter Storm is also the creator of The Storm Project: AI, Cybersecurity, Quantum, and the Future of Intelligence (2023-2026), a long‑horizon research initiative examining the convergence of emerging technologies, governance, and hybrid‑threat dynamics. Her work spans AI, cybersecurity, quantum technologies, platform governance, and systemic risk across complex global socio‑technical systems.

She contributes to ANSI X9, FS‑ISAC, NIST, and QED‑C, shaping standards, strategy, and policy in cybersecurity, financial systems, and post‑quantum cryptography (PQC). Her research, frameworks, and advisory work place her among the small group of practitioners influencing the United States’ quantum and post‑quantum governance landscape from within the ecosystem.

Original 2007 Hacking Humans | The Ports and Services Model of Social Engineering Presentation Notes (Primary Source Document), Arizona Security Practitioners Forum, University of Advancing Technology

 

Hunter Storm Research — Hacking Humans | The Ports and Services Model of Social Engineering

Hacking Humans Archive (1994–Present)
Foundational Research Series — Primary Source Corpus

Prepared by: Hunter Storm (https://hunterstorm.com/), Founder, Hunter Storm Enterprises
Originator of the Hacking Humans Framework (1994–2007)
Version 1.0 — Published December 2025

 

Archival Preface

These are the original, unedited presentation notes from Hunter Storm’s 2007 Hacking Humans | The Ports and Services Model of Social Engineering keynote at the University of Advancing Technology. They are preserved exactly as written to maintain historical accuracy and document the earliest public articulation of the Hacking Humans framework. Formatting, tone, and structure reflect the working materials used at the time.

 

HACKING HUMANS | Social Engineering with Real-Life Methods, Models, and Theories

© 1994-Present Hunter Storm

Social Engineering: Building a More Secure World Thru Innovative Use of the Truth

HACKING HUMANS: Social Engineering with Real-Life Methods, Models, and Theories

 

Introduction to the Dark Side

What is Social Engineering? Wikipedia (www.wikipedia.org) defines social engineering as: “1) the practice of obtaining confidential information by manipulating users. 2) the practice of using psychological manipulation tactics to help or harm others.” This is a good definition, but it’s only a start.

Many techies look down on Social Engineering, and consider it to be mere child’s play, low-level, script-kiddy mind tricks. In fact, SE is both the easiest and the most difficult hack, depending upon how you go about it.

Resources What is Social Engineering?  

Why use it:

  • Criminals—no l33+ $k1lz required
  • Formal penetration testing teams
  • Getting things done at work (privilege escalation)
  • Improving interpersonal relations

 

Hacking humans Goal(s)—what do you want?

Why Do People Fall for It?

  • Stupid?
  • Gullible?
  • Lazy?

Exploitable!

 

How to Hack Humans

  • /** Pwn$ {u}
  • Penetration Testing
  • Control resources
  • Leave backdoor
  • Cover tracks

 

Services and Ports

Human and machine networks are same (just quirkier)

  • Humans
  • Self-esteem
  • Apathy
  • Sadness
  • Happiness
  • Gregariousness
  • Ego / self-interest
  • Benefit to self
  • Commonalities
  • Helpfulness
  • Belonging

Ex.: Bar pickup vs. wives (Bastion host in DMZ vs. standalone PKI root CA)

Hosts

telnet

ftp

sftp

IpSec

 

HumInt

  • The Hidden Element
  • KNOW YOURSELF!!!
  • IPX/SPX vs. TCP/IP
  • Exploit Vulnerabilities
  • Brain firewalls & content filters
  • Finesse / Elicitation
  • PKI model

 

HumInt

 

DON’T

  • Run an MS Office exploit against a BSD OS
  • Keep hammering a port you can tell is closed (SSH ain’t running on :8080 . . .) will get you blacklisted
  • script kiddy vs. l33+ h@x04 (your neighbor’s kid vs. Kevin Mitnik)

 

DO!

  • Know your target!
  • Background
  • Motivators
  • Likes/dislikes
  • Proceed with caution
  • Finesse vs. not brute force (Hacker Ethic, don’t leave it worse than you found it) 😉

Ex: Hammurabi village & corn

 

Sanitized Stories – irl ’spl01+$

  • USB drives
  • South American NOC service technicians
  • Root-level CA and registrar server co-opt
  • Fortune 100 datacenter badging / geometry
  • Fortune 100 server heist w/ guards

 

Human IDS / IPS How to Guard Against It

Remain vigilant ALWAYS follow policies, baselines, and guidelines to the letter!

Questions?

 

Original Presentation Notes (Uploaded Word Document, 2007)

 

Related Pages in the Hacking Humans | The Ports and Services Model of Social Engineering Archive

 

How to Cite This Report

 

Citation for This Report

  • Citation guidance and standards: How to Cite the Hacking Humans Archive
  • Citation: Storm, Hunter. Hacking Humans | The Ports and Services Model of Social Engineering. Hacking Humans Archive. https://hunterstorm.com/hacking-humans-ports-and-services-model/

 

Citation Metadata

Version Control: This page is part of the Hacking Humans Archive (1994–Present). Series: Human‑Layer Security Series — Report No. 1 (2026)

Additional guidance: Citation Metadata for Hacking Humans

 

Citation for Human-Layer Security

Storm, Hunter. Human‑Layer Security | Definition, Origin, Variants, and 1994–2025 Lineage (Authoritative Guide). Hacking Humans Archive (1994–Present). https://hunterstorm.com/hacking-humans-ports-and-services-model/human-layer-security-definition-origin/

 

Preserved as part of the Hacking Humans | Ports and Services Model of Social Engineering Historical Archive.

 

Disclaimer

This report is provided for educational and informational purposes only. Hunter Storm does not provide legal, regulatory, or compliance advice. All analysis reflects practitioner‑level interpretation of publicly available information at the time of publication.

 

Note on Document Integrity

Some high‑visibility materials on this site have previously experienced post‑publication formatting interference. All content has been verified and restored to its correct form. If you notice anything that appears visually inconsistent, please report it via my contact page so it can be corrected promptly.

Learn more in these articles, with screenshots documenting post-publication interference in Hunter Storm’s Hacking Humans presentation notes. Each alteration has been identified and corrected, ensuring the work remains verifiable and intact.

 

Discover More from Hunter Storm

 

Last Updated: April 2026