Practical Social Engineering: A Primer for the Ethical Hacker

by
Format: Paperback
Pub. Date: 2022-06-14
Publisher(s): No Starch Press
List Price: $36.74

Summary

An ethical introduction to social engineering, an attack technique that leverages psychology, deception, and publicly available information to breach the defenses of a human target in order to gain access to an asset. Social engineering is key to the effectiveness of any computer security professional.

Practical Social Engineering teaches you how to leverage human psychology and publicly available information to attack a target. The book includes sections on how to evade detection, spear phish, generate reports, and protect victims to ensure their well-being. You'll learn how to collect information about a target and how to exploit that information to make your attacks more effective. You'll also learn how to defend yourself or your workplace against social engineering attacks. Case studies throughout offer poignant examples, such as how the author was able to piece together the details of a person's life simply by gathering details from an overheard restaurant conversation. Gray walks you through the sometimes difficult decision-making process that every ethical social engineer must go through when implementing a phishing engagement, including how to decide whether to do things manually or use automated tools, and even how to set up your web server and build other technical tools necessary to succeed.

Author Biography

Joe Gray joined the U.S. Navy directly out of high school and served for 7 years as a Submarine Navigation Electronics Technician. Joe is currently a Senior OSINT Specialist at Qomplx, Inc. and previously maintained his own blog and podcast called Advanced Persistent Security. Joe is the inaugural winner of the DerbyCon Social Engineering Capture the Flag (SECTF) and was awarded a DerbyCon Black Badge. As a member of the Password Inspection Agency, Joe has placed 2nd in the HackFest Quebec Missing Persons CTF powered by TraceLabs, 2nd in the BSides Atlanta OSINT CTF, and 3rd in the 2018 & 2019 NOLACon OSINT CTFs. Joe has independently placed 2nd in the HackFest Quebec SECTF, 4th in the DerbyCon OSINT CTF, and 2nd in Hacker Jeopardy at Hack in Paris. Joe has contributed material for the likes of TripWire, AlienVault, ITSP Magazine, CSO Online, Forbes, and Dark Reading, as well as his own platforms.

Table of Contents

Introduction

Part 1: The Basics
Chapter 1: What is Social Engineering?
Chapter 2: Ethical Considerations

Part 2: Offensive Social Engineering

Chapter 3: Preparing to Attack
Chapter 4: Business OSINT
Chapter 5: Social Media and Public Documents
Chapter 6: People OSINT
Chapter 7: Phishing
Chapter 8: Building Landing Pages for Phishing
Chapter 9: Detection, Measurement, and Reporting

Part 3: Defending Against Social Engineering

Chapter 10: Proactive Defense Techniques
Chapter 11: Technical Email Controls
Chapter 12: Producing Threat Intelligence

Appendix A: Scoping Worksheet
Appendix B: Reporting Template
Appendix C: Information Gathering Worksheet
Appendix D: Pretexting Samples
Appendix E: Social Engineering Exercises
