Practical Social Engineering: A Primer for the Ethical Hacker
Author: Joe Gray
Publisher Finelybook 出版社：No Starch Press (June 14, 2022)
pages 页数：230 pages
A guide to hacking the human element.
Even the most advanced security teams can do little to defend against an employee clicking a malicious link, opening an email attachment, or revealing sensitive information in a phone call. Practical Social Engineering will help you better understand the techniques behind these social engineering attacks and how to thwart cyber criminals and malicious actors who use them to take advantage of human nature.
Joe Gray, an award-winning expert on social engineering, shares case studies, best practices, open source intelligence (OSINT) tools, and templates for orchestrating and reporting attacks so companies can better protect themselves. He outlines creative techniques to trick users out of their credentials, such as leveraging Python scripts and editing HTML files to clone a legitimate website. Once you’ve succeeded in harvesting information about your targets with advanced OSINT methods, you’ll discover how to defend your own organization from similar threats.
You’ll learn how to:
Apply phishing techniques like spoofing, squatting, and standing up your own web server to avoid detection
Use OSINT tools like Recon-ng, theHarvester, and Hunter
Capture a target’s information from social media
Collect and report metrics about the success of your attack
Implement technical controls and awareness programs to help defend against social engineering
Fast-paced, hands-on, and ethically focused, Practical Social Engineering is a book every pentester can put to use immediately.