Book of the Month – Social Engineering: The Art of Human Hacking

Every one in security arena knows Kevin Mitnick – Father of Social Engineering – how he used to trick the people on the other side of phone to do any thing for him. Those were  the days when federal guys feared that if Kevin is let free then he can cause nuclear wars with his words. That is enough to show anyone the sheer power of ‘Social Engineering’ !

.

On those lines comes a new book ‘Social Engineering: The Art of Human Hacking’ which explains the terms, tricks and mastery behind this very art of social engineering.

.

.

Here is the core information

  • Title: Social Engineering: The Art of Human Hacking
  • Author: Christopher Hadnagy, Paul Wilson
  • Publisher: Wiley
  • Hardcover: 408 pages
  • Price: $23 (as of this writing)
  • Release Date: December 21, 2010
  • Rating(Amazon):

.

Table of Contents

  1. A Look into the World of Social Engineering.
  2. Information Gathering.
  3. Elicitation.
  4. Pretexting: How to Become Anyone.
  5. Mind Tricks: Psychological Principles Used in Social Engineering.
  6. Influence: The Power of Persuasion.
  7. The Tools of the Social Engineer.
  8. Case Studies: Dissecting the Social Engineer.
  9. Prevention and Mitigation.

.

Book starts with introduction to Social Engineering then goes into preparation steps by gathering enough information about the target before the show. Next chapter on Eliciting & Pretexting describes how you can hijack some one else’s identity remotely. Finally it is all about the mind game and the chapter on ‘Mind Tricks’ (mine personal favorite chapter) explains how you can use human psychology to get under the skin of remote kin to get your job done.

.

Often people don’t give things/information directly, it takes enough persuasion in right direction to make a person to bow before you. Chapter 6 covers of all the tactics involved in persuading people. Next chapter on Tools talks about physical as well as online information gathering tools to prepare yourself. Final chapter cites various ways of identifying and preventing social engineering attacks by training the staff with the value of information and SE auditing.

.

Real gem of the book lies in ‘Case Studies’ which totally has 6 real life examples of social engineering including 2 from Kevin Mitnick.

.

Strictly speaking ‘Social Engineering’ is not every one’s cup of tea, not every one is born with such a gift like Kevin. But this book strikes the difference and makes it possible for you. All credit goes to authors for putting up such a difficult topic in an interesting and excellent way.

.

To cut the long story short – This is the BEST book published so far on ‘Social Engineering’ and must get into your book-shelf if you are the one who look beyond the human face !

.

Buy Now: [Highly Recommended]

Ebook : [Link Removed on Author’s Request]

Sample Chapter: http://www.amazon.com/Social-Engineering-Art-Human-Hacking/dp/0470639539/ref=zg_bs_3648_1#reader_0470639539

Similar posts
  • SecurityXploded Mentorship Programme ... I am writing this blog to share my SecurityXploded Student Mentorship Programme experience with the future students of this programme. My mentorship programme started last year in August when I was in 2nd year of MS at IIIT-Allahabad. I knew about SecurityXploded community since I used to follow their blogs, training programmes and security tools [...]
  • Code Injection and API Hooking Techni... Hooking covers a range of techniques used for many purposes like debugging, monitoring, intercepting messages, extending functionality etc. Hooking is also used by a lot of rootkits to camouflage themselves on the system. Rootkits use various hooking techniques when they have to hide a process, hide a network port, redirect file writes to some different [...]
  • Announcement – SecurityXploded ... From the past two years we are working actively on couple of projects to support the security community. As you all may already know that we have successfully completed our reversing and malware analysis training programme and we are very glad that it was very helpful for everyone. In my opinion the success of any [...]
  • Advanced Malware Analysis Training Se... Here is the quick update on this month’s Local Security meet (SX/Null/G4H/owasp) and our advanced malware training session on (Part 2) Dissecting the HeartBeat  RAT Functionalities   This is part of our FREE ‘Advanced Malware Analysis Training’ series started from Dec 2012.       In this extended session, I explained “Decrypting various Communications Of HeartBeat [...]
  • Advanced Malware Analysis Training Se...   Here is the quick update on this month’s Local Security meet (SX/Null/G4H/owasp) and our advanced malware training session on (Part 1) Reversing & Decrypting Communications of HeartBeat RAT This is part of our FREE ‘Advanced Malware Analysis Training’ series started from Dec 2012.       In this extended session, I explained “Decrypting The [...]

Leave a Reply

Our Company

Follow us on Facebook


Join Mailing List

Get direct access to our expert trainers or mingle with like minded security folks in our mailing list