# People Hacking

**Example URL:** <https://pentest.ws/e/{engagement.id}/people>

<figure><img src="https://pentestws.wordpress.com/wp-content/uploads/2025/05/image.png?w=1024" alt=""><figcaption><p><em>The individuals shown in this screenshot are entirely fictitious and generated for demonstration purposes only.</em></p></figcaption></figure>

The **People** page in PenTest.WS is your command center for tracking human targets during a red team engagement. Whether you're importing contacts for phishing, logging vishing attempts, or just enriching targets with metadata, this feature makes it easy to organize, search, and act on human intelligence.

## Overview

People are treated as first-class objects in PenTest.WS, just like hosts and services. Each person can include:

* Full name, job title, company, and location
* Tags for filtering (e.g. `finance`, `europe`)
* Multiple email addresses, phone numbers, and social links
* Freeform notes
* Linked events (calls, texts, phishing, etc.)
* Custom extra fields from import or manual entry

This makes it easy to build out real-world social engineering scenarios and tie them directly into findings or timelines.

## Importing People

To populate the People page, you can upload a file in one of the following formats:

* `.csv`
* `.json`
* `.xlsx` (Excel)

Only `first name` and `last name` are required. All other fields are optional but will be mapped where possible:

| Field Type     | Supports Multiple | Notes                                     |
| -------------- | ----------------- | ----------------------------------------- |
| `title`        | No                | Job title                                 |
| `company`      | No                | Company name                              |
| `location`     | No                | City or region                            |
| `tags`         | ✅ Yes             | Comma- or array-delimited                 |
| `emails`       | ✅ Yes             | Multiple email addresses supported        |
| `phones`       | ✅ Yes             | Supports various phone formats            |
| `links`        | ✅ Yes             | Social or profile URLs                    |
| *other fields* | ✅ Yes (dynamic)   | Stored under “Extra Fields” automatically |

> You can download a sample import file below:

{% file src="<https://1013683115-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FHecEAvxd6Z8cSug6DhWr%2Fuploads%2FnFxJoQlyIGA1SQBy8DHD%2FPTWS_People_Sample_1000.xlsx?alt=media&token=83419166-cbe1-4b3a-a5a3-c55997266d0b>" %}
**Sample File:** contains 1,000 fully fictitious entries for testing purposes
{% endfile %}

## Adding & Editing People

<figure><img src="https://1013683115-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FHecEAvxd6Z8cSug6DhWr%2Fuploads%2FlldAFqjQpNspVa1S3b24%2Fimage.png?alt=media&#x26;token=d274f923-b9eb-46c1-bfe9-a9365e134d5e" alt=""><figcaption><p><em>Edit Person</em></p></figcaption></figure>

You can also create or update individuals manually. The **Edit Person** page allows full control over all fields, including:

* Basic identity fields
* Tags (freeform)
* Custom links, emails, and phone numbers
* Rich text notes
* Extra fields (added automatically from imports or via the UI)

***

## Searching & Filtering

The People page uses a flexible filter system. You can stack multiple tags and metadata filters like:

* `north america`
* `engineering`
* `linkedin.com`
* `+1-202`

Only people matching **all** active filters are shown, allowing for precise targeting in large datasets.

***

## Linking Events

You can link people to events like:

* Phone calls (vishing)
* SMS messages (smishing)
* Emails or phishing attempts
* Physical impersonation

Event shortcuts are available from both the **main People page** and the **Edit Person** view. All events are timestamped in **UTC** and can be locked as **Evidence** to maintain a tamper-proof audit trail.

***

## Notes & Recommendations

* There’s no hard cap on how many people can be imported, thousands of records are supported.
* Extra fields added via import or UI can be deleted or renamed at any time.

## Tier Availability

**People Hacking** is available on **Pro Tier**.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.pentest.ws/people-and-events/people-hacking.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.