Learn Social Engineering : Learn the art of human hacking with an internationally renowned expert

Print version:

Cover; Copyright and Credits; Dedication; Packt Upsell; Foreword; Contributors; Table of Contents; Preface; Chapter 1: Introduction to Social Engineering; Overview of social engineering; Applications of social engineering; The social engineering framework; Information gathering; Nontechnical; Technical; Elicitation; Pretexting; Mind tricks; Persuasion; Tools used in social engineering; Physical tools; Software-based tools; Social engineering examples from Hollywood; Matchstick Men (2003); Catch Me If You Can (2002); Ocean's Eleven (2001); Tips; Summary. Chapter 2: The Psychology of Social Engineering

Mind Tricks UsedIntroduction; Modes of thinking; Visual thinkers; Auditory thinkers; Kinesthetic thinkers; Determining one's dominant sense and mode of thinking; Importance of understanding a target's mode of thinking; Microexpressions; Anger; Disgust; Contempt; Fear; Surprise; Sadness; Happiness; Training to see microexpressions; How microexpressions are used in a social engineering attack?; Contradictions; Hesitation; Behavioral changes; Gestures; NLP; Codes of NLP; Voice; Sentence structuring; Word choice; Interview and interrogation. Expert interrogation techniquesGesturing; Attentive listening; Building rapport; Human buffer overflow; Fuzzing the brain; Embedded commands; Tips; Summary; Chapter 3: Influence and Persuasion; Introduction; Five fundamental aspects of persuasion; Setting up the environment; Influence tactics; Reciprocation; Obligation; Concession; Scarcity; Authority; Legal authority; Organizational authority; Social authority; Commitment and consistency; Liking; Social proof; Reality alteration (framing); Manipulation; Negative manipulation tactics; Increasing predictability. Controlling the target's environmentCasting doubt; Making the target powerless; Punishing the target; Intimidation; Positive manipulation tips and tactics; Summary; Chapter 4: Information Gathering; Introduction; Gathering information about targets; Technical information-gathering methods; BasKet ; Dradis ; Websites; Search engines; Pipl; Whois.net; Social media; Phishing and spear phishing; Watering holes; Blogs; Telephone; Nontechnical methods; Dumpster diving; Intrusion and impersonation; Tailgating; Shoulder surfing; Observation; Tips; Summary; Chapter 5: Targeting and Recon; Introduction. BanksOld organizations; Organizational employees; IT personnel; Customer support agents; Senior-level staff; Finance personnel; Elderly people; Well-wishers; Tips; Summary; Chapter 6: Elicitation; Introduction; Getting into conversations with strangers; Preloading; Avoiding elicitation; Appealing to egos; Showing mutual interest; Falsifying statements; Flattering; Volunteering information; Assuming knowledge; Using ignorance; Capitalizing on alcoholic drinks; Being a good listener; Using intelligently-posed questions; Assumptive questions; Bracketing; Learning the skill of elicitation; Tips