Social Engineering: The Art of Human Hacking

( 13 )

Overview

No matter how sophisticated your security equipment and procedures may be, their most, easily exploitable aspect is, and has always been, the human infrastructure. The skilled malicious social engineer is a weapon, nearly impossible to defend against.

This book covers, in detail, the world's first framework for social engineering. It defines, explains, and dissects each principle, then illustrates it with true stories and case studies from masters such as Kevin Mitnick, renowned...

See more details below
Paperback
$21.57
BN.com price
(Save 38%)$34.99 List Price

Pick Up In Store

Reserve and pick up in 60 minutes at your local store

Other sellers (Paperback)
  • All (25) from $15.33   
  • New (13) from $17.38   
  • Used (12) from $15.33   

Overview

No matter how sophisticated your security equipment and procedures may be, their most, easily exploitable aspect is, and has always been, the human infrastructure. The skilled malicious social engineer is a weapon, nearly impossible to defend against.

This book covers, in detail, the world's first framework for social engineering. It defines, explains, and dissects each principle, then illustrates it with true stories and case studies from masters such as Kevin Mitnick, renowned author of The Art of Deception. You will discover just what it takes to excel as a social engineer. Then you will know your enemy.

Tour the Dark World of Social Engineering

Learn the psychological principles employed by social engineers and how they're used

Discover persuasion secrets that social engineers know well

See how the crafty crook takes advantage of cameras, GPS devices, and caller ID

Find out what information is, unbelievably, available online

Study real-world social engineering exploits step by step

Read More Show Less

Product Details

  • ISBN-13: 9780470639535
  • Publisher: Wiley
  • Publication date: 12/28/2010
  • Edition number: 1
  • Pages: 416
  • Sales rank: 163,335
  • Product dimensions: 6.00 (w) x 8.90 (h) x 1.00 (d)

Meet the Author

Christopher Hadnagy is the lead developer of www.social-engineer.org, the world’s first social engineering framework. In more than 14 years of security and IT activity, he has partnered with the team at www.backtrack-linux.org and worked on a wide variety of security projects. He also serves as trainer and lead social engineer for Offensive Security’s penetration testing team.
Read More Show Less

Table of Contents

Foreword xiii

Preface and Acknowledgments xvii

1 A Look into the World of Social Engineering 1

Why This Book Is So Valuable 3

Overview of Social Engineering 9

Summary 21

2 Information Gathering 23

Gathering Information 26

Sources for Information Gathering 33

Communication Modeling 43

The Power of Communication Models 53

3 Eficitation 55

What Is Elicitation? 56

The Goals of Elicitation 58

Mastering Elicitation 74

Summary 76

4 Pretexting: How to Become Anyone 77

What Is Pretexting? 78

The Principles and Planning Stages of Pretexting 79

Successful Pretexting 91

Summary 99

5 Mind Tricks: Psychological Principles Used in Social Engineering 101

Modes of Thinking 103

Microexpressions 109

Neurolinguistic Programming (NLP) 136

Interview and Interrogation 143

Building Instant Rapport 162

The Human Buffer Overflow 172

Summary 178

6 Influence: The Power of Persuasion 181

The Five Fundamentals of Influence and Persuasion 182

Influence Tactics 187

Altering Reality: Framing 215

Manipulation: Controlling Your Target 233

Manipulation in Social Engineering 248

Summary 256

7 The Tools of the Social Engineer 259

Physical Tools 260

Online Information-Gathering Tools 279

Summary 297

8 Case Studies: Dissecting the Social Engineer 299

Mitnick Case Study 1: Hacking the DMV 300

Mitnick Case Study 2: Hacking the Social Security Administration 306

Hadnagy Case Study 1: The Overconfident CEO 310

Hadnagy Case Study 2: The Theme Park Scandal 317

Top-Secret Case Study 1: Mission Not Impossible 322

Top-Secret Case Study 2: Social Engineering a Hacker 329

Why Case Studies Are Important 337

Summary 338

9 Prevention and Mitigation 339

Learning to Identify Social Engineering Attacks 340

Creating a Personal Security Awareness Culture 341

Being Aware of the Value of the Information You Are Being Asked For 344

Keeping Software Updated 347

Developing Scripts 348

Learning from Social Engineering Audits 348

Concluding Remarks 354

Summary 361

Index 363

Read More Show Less

Customer Reviews

Average Rating 4.5
( 13 )
Rating Distribution

5 Star

(11)

4 Star

(1)

3 Star

(0)

2 Star

(0)

1 Star

(1)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously
Sort by: Showing all of 13 Customer Reviews
  • Posted December 16, 2010

    more from this reviewer

    Highly recommend! Could not put down...

    Social Engineering: The Art of Human Hacking by Chris Hadnagy is the prime handbook for social engineers. It's an exciting look into the art of social engineering from the inside out. The provided guidelines and in-depth insider tips make this book a must have for beginners and experts alike. The ideas presented are well thought out and give a very practical look into the daily practices of social engineers. The book's informative approach and flowing directive make it a read that I simply could not put down. I especially enjoyed Chapter 4 about Pretexting. It is great to see Chris's fresh approach to social engineer methodologies, and security through education... He gives you insight into the techniques being used by real social engineers to help in protecting yourself from attacks. I would definitely recommend this book to my family, friends, and co-workers. Thank you Chris, once again, for providing the Social Engineering community with an excellent resource of information!

    4 out of 4 people found this review helpful.

    Was this review helpful? Yes  No   Report this review
  • Posted July 27, 2012

    Amazing book! A must read for everyone!

    This book is for anyone interested in human nature, but it also covers important topics such as your online safety, pretexting, info gathering, and much more, plus it's easy to read and understand. A wealth of information for everyone, no matter what profession you happen to be in. An exciting read with fun stories make this a book you don't want to put down!

    Was this review helpful? Yes  No   Report this review
  • Anonymous

    Posted November 28, 2011

    No text was provided for this review.

  • Anonymous

    Posted January 4, 2012

    No text was provided for this review.

  • Anonymous

    Posted January 3, 2012

    No text was provided for this review.

  • Anonymous

    Posted January 14, 2012

    No text was provided for this review.

  • Anonymous

    Posted April 28, 2011

    No text was provided for this review.

  • Anonymous

    Posted March 19, 2011

    No text was provided for this review.

  • Anonymous

    Posted November 27, 2011

    No text was provided for this review.

  • Anonymous

    Posted May 29, 2012

    No text was provided for this review.

  • Anonymous

    Posted September 25, 2012

    No text was provided for this review.

  • Anonymous

    Posted July 9, 2011

    No text was provided for this review.

  • Anonymous

    Posted February 6, 2012

    No text was provided for this review.

Sort by: Showing all of 13 Customer Reviews

If you find inappropriate content, please report it to Barnes & Noble
Why is this product inappropriate?
Comments (optional)