
Book Description

Harden the human firewall against the most current threats

Social Engineering: The Science of Human Hacking reveals the craftier side of the hacker’s repertoire—why hack into something when you could just ask for access? Undetectable by firewalls and antivirus software, social engineering relies on human fault to gain access to sensitive spaces; in this book, renowned expert Christopher Hadnagy explains the most commonly used techniques that fool even the most robust security personnel, and shows you how these techniques have been used in the past. The way that we make decisions as humans affects everything from our emotions to our security. Hackers, since the beginning of time, have figured out ways to exploit that decision-making process and get you to take an action not in your best interest. This new Second Edition has been updated with the most current methods, sharing stories, examples, and the scientific study behind how those decisions are exploited.

Networks and systems can be hacked, but they can also be protected; when the “system” in question is a human being, there is no software to fall back on, no hardware upgrade, no code that can lock information down indefinitely. Human nature and emotion are the secret weapon of the malicious social engineer, and this book shows you how to recognize, predict, and prevent this type of manipulation by taking you inside the social engineer’s bag of tricks.

  • Examine the most common social engineering tricks used to gain access
  • Discover which popular techniques generally don’t work in the real world
  • Examine how our understanding of the science behind emotions and decisions can be used by social engineers
  • Learn how social engineering factors into some of the biggest recent headlines
  • Learn how to use these skills as a professional social engineer and secure your company
  • Adopt effective counter-measures to keep hackers at bay

By working from the social engineer’s playbook, you gain the advantage of foresight that can help you protect yourself and others from even their best efforts. Social Engineering gives you the inside information you need to mount an unshakeable defense.

Table of Contents

  1. Cover
  2. Foreword
  3. Preface
  4. 1 A Look into the New World of Professional Social Engineering
    1. What Has Changed?
    2. Why Should You Read This Book?
    3. An Overview of Social Engineering
    4. The SE Pyramid
    5. What's in This Book?
    6. Summary
  5. 2 Do You See What I See?
    1. A Real-World Example of Collecting OSINT
    2. Nontechnical OSINT
    3. Tools of the Trade
    4. Summary
  6. 3 Profiling People Through Communication
    1. The Approach
    2. Enter the DISC
    3. Summary
  7. 4 Becoming Anyone You Want to Be
    1. The Principles of Pretexting
    2. Summary
  8. 5 I Know How to Make You Like Me
    1. The Tribe Mentality
    2. Building Rapport as a Social Engineer
    3. The Rapport Machine
    4. Summary
  9. 6 Under the Influence
    1. Principle One: Reciprocity
    2. Principle Two: Obligation
    3. Principle Three: Concession
    4. Principle Four: Scarcity
    5. Principle Five: Authority
    6. Principle Six: Consistency and Commitment
    7. Principle Seven: Liking
    8. Principle Eight: Social Proof
    9. Influence vs. Manipulation
    10. Summary
  10. 7 Building Your Artwork
    1. The Dynamic Rules of Framing
    2. Elicitation
    3. Summary
  11. 8 I Can See What You Didn't Say
    1. Nonverbals Are Essential
    2. All Your Baselines Belong to Us
    3. Understand the Basics of Nonverbals
    4. Comfort vs. Discomfort
    5. Summary
  12. 9 Hacking the Humans
    1. An Equal Opportunity Victimizer
    2. The Principles of the Pentest
    3. Phishing
    4. Vishing
    5. SMiShing
    6. Impersonation
    7. Reporting
    8. Top Questions for the SE Pentester
    9. Summary
  13. 10 Do You Have a M.A.P.P.?
    1. Step 1: Learn to Identify Social Engineering Attacks
    2. Step 2: Develop Actionable and Realistic Policies
    3. Step 3: Perform Regular Real-World Checkups
    4. Step 4: Implement Applicable Security-Awareness Programs
    5. Tie It All Together
    6. Gotta Keep 'Em Updated
    7. Let the Mistakes of Your Peers Be Your Teacher
    8. Create a Security Awareness Culture
    9. Summary
  14. 11 Now What?
    1. Soft Skills for Becoming a Social Engineer
    2. Technical Skills
    3. Education
    4. Job Prospects
    5. The Future of Social Engineering
  15. Index
  16. End User License Agreement