Social Engineering
26%
off

Social Engineering : The Science of Human Hacking

3.4 (5 ratings by Goodreads)
By (author) 

Free delivery worldwide

Available. Dispatched from the UK in 2 business days
When will my order arrive?

Description

Harden the human firewall against the most current threats

Social Engineering: The Science of Human Hacking reveals the craftier side of the hacker's repertoire--why hack into something when you could just ask for access? Undetectable by firewalls and antivirus software, social engineering relies on human fault to gain access to sensitive spaces; in this book, renowned expert Christopher Hadnagy explains the most commonly-used techniques that fool even the most robust security personnel, and shows you how these techniques have been used in the past. The way that we make decisions as humans affects everything from our emotions to our security. Hackers, since the beginning of time, have figured out ways to exploit that decision making process and get you to take an action not in your best interest. This new Second Edition has been updated with the most current methods used by sharing stories, examples, and scientific study behind how those decisions are exploited.

Networks and systems can be hacked, but they can also be protected; when the "system" in question is a human being, there is no software to fall back on, no hardware upgrade, no code that can lock information down indefinitely. Human nature and emotion is the secret weapon of the malicious social engineering, and this book shows you how to recognize, predict, and prevent this type of manipulation by taking you inside the social engineer's bag of tricks.



Examine the most common social engineering tricks used to gain access
Discover which popular techniques generally don't work in the real world
Examine how our understanding of the science behind emotions and decisions can be used by social engineers
Learn how social engineering factors into some of the biggest recent headlines
Learn how to use these skills as a professional social engineer and secure your company



Adopt effective counter-measures to keep hackers at bay

By working from the social engineer's playbook, you gain the advantage of foresight that can help you protect yourself and others from even their best efforts. Social Engineering gives you the inside information you need to mount an unshakeable defense.
show more

Product details

  • Paperback | 320 pages
  • 153 x 228 x 16mm | 344g
  • New York, United States
  • English
  • 2nd Edition
  • 111943338X
  • 9781119433385
  • 69,827

Back cover copy

"Chris Hadnagy's new book Social Engineering: The Science of Human Hacking is a great read for any audience interested in the subject of social engineering, detailing the exact steps from OSINT to execution in order to infiltrate any target." --Kevin Mitnick, author, speaker, and consultant

Mount a Stronger Defense by Mastering the Hackers' Most Reliable Techniques

In the fortress of defense we build around our data, the human element is always the weakest link. Hackers--both good and bad--employ a specific set of tricks to gain access to sensitive information, using "human hacking" techniques to convince people to hand over passwords, transfer sensitive files, wire large sums of money, and willingly commit other acts that are not in their own best interests. Social Engineering: The Science of Human Hacking details the human hacker's skill set to help security professionals identify and remedy their own system's weaknesses. Beginning with an in-depth exploration of communication modeling, tribe mentality, observational skills, manipulation, and other fundamentals, the discussion moves on to actionable guidance for identifying, fighting, and preventing such attacks in your own organization.

Author Christopher Hadnagy's updated second edition provides fresh insight into the latest social engineering trends and enduring classics, including case studies ripped from the headlines--as well as his own real-world experiences. Featuring how-to guidance on elicitation, pretexting, information gathering, tail-gating, shoulder surfing, phishing, and much more, this book dives deep into how humans can be influenced to make compromising decisions.

"Back in the late 70's, I started using social engineering tradecraft to obtain free bus rides as an adolescent, intercepting NSA phone calls in high school, to finally compromising any system of interest as a young adult. My motivation was pursuit of knowledge, challenge, and the seduction of adventure.

Fast forward to today, I still find that social engineering is the number one way in when conducting penetration testing. And I'm not alone. Nation states, criminal hackers, and hacktivists use the same tactics to disrupt businesses to steal money and/or proprietary information, and in some cases even change the course of a country's election."
--Kevin Mitnick, author, speaker, and consultant
show more

Table of contents

Acknowledgments xi


Foreword xix


Preface xxi


1 A Look into the New World of Professional Social Engineering .


What Has Changed? 2


Why Should You Read This Book? 4


An Overview of Social Engineering 6


The SE Pyramid 11


What's in This Book? 14


Summary 15


2 Do You See What I See? 17


A Real-World Example of Collecting OSINT 17


Nontechnical OSINT 22


Tools of the Trade 59


Summary 61


3 Pro?ling People Through Communication 63


The Approach 66


Enter the DISC 68


Summary 80


4 Becoming Anyone You Want to Be 83


The Principles of Pretexting 84


Summary 98


5 I Know How to Make You Like Me 101


The Tribe Mentality 103


Building Rapport as a Social Engineer 105


The Rapport Machine 120


Summary 121


6 Under the In?uence 123


Principle One: Reciprocity 125


Principle Two: Obligation 128


Principle Three: Concession 131


Principle Four: Scarcity 134


Principle Five: Authority 137


Principle Six: Consistency and Commitment 142


Principle Seven: Liking 146


Principle Eight: Social Proof 148


In?uence vs. Manipulation 151


Summary 156


7 Building Your Artwork 157


The Dynamic Rules of Framing 159


Elicitation 168


Summary 182


8 I Can See What You Didn't Say 183


Nonverbals Are Essential 184


All Your Baselines Belong to Us 187


Understand the Basics of Nonverbals 196


Comfort vs. Discomfort 198


Summary 220


9 Hacking the Humans 223


An Equal Opportunity Victimizer 224


The Principles of the Pentest 225


Phishing 229


Vishing 233


SMiShing 240


Impersonation 241


Reporting 246


Top Questions for the SE Pentester 250


Summary 254


10 Do You Have a M.A.P.P.? 257


Step 1: Learn to Identify Social Engineering Attacks 259


Step 2: Develop Actionable and Realistic Policies 261


Step 3: Perform Regular Real-World Checkups 264


Step 4: Implement Applicable Security-Awareness Programs 266


Tie It All Together 267


Gotta Keep 'Em Updated 268


Let the Mistakes of Your Peers Be Your Teacher 270


Create a Security Awareness Culture 271


Summary 274


11 Now What? 277


Soft Skills for Becoming an Social Engineer 277


Technical Skills 280


Education 281


Job Prospects 283


The Future of Social Engineering 284


Index 287
show more

About Christopher Hadnagy

CHRISTOPHER HADNAGY is the CEO and Chief Human Hacker of Social-Engineer, LLC as well as the lead developer and creator of the world's first social engineering framework found at social-engineer.org. He is the founder and creator of the Social Engineering Village (SEVillage) at DEF CON and DerbyCon, as well as the creator of the popular Social Engineering Capture the Flag (SECTF). He is a sought-after speaker and trainer and even has debriefed the Pentagon on these topics. He can be found tweeting at @humanhacker.
show more

Rating details

5 ratings
3.4 out of 5 stars
5 20% (1)
4 20% (1)
3 40% (2)
2 20% (1)
1 0% (0)
Book ratings by Goodreads
Goodreads is the world's largest site for readers with over 50 million reviews. We're featuring millions of their reader ratings on our book pages to help you find your new favourite book. Close X