"Chris Hadnagy′s new book Social Engineering: The Science of Human Hacking is a great read for any audience interested in the subject of social engineering, detailing the exact steps from OSINT to execution in order to infiltrate any target." Kevin Mitnick, author, speaker, and consultant
Mount a Stronger Defense by Mastering the Hackers′ Most Reliable Techniques
In the fortress of defense we build around our data, the human element is always the weakest link. Hackers both good and bad employ a specific set of tricks to gain access to sensitive information, using "human hacking" techniques to convince people to hand over passwords, transfer sensitive files, wire large sums of money, and willingly commit other acts that are not in their own best interests. Social Engineering: The Science of Human Hacking details the human hacker′s skill set to help security professionals identify and remedy their own system′s weaknesses. Beginning with an in–depth exploration of communication modeling, tribe mentality, observational skills, manipulation, and other fundamentals, the discussion moves on to actionable guidance for identifying, fighting, and preventing such attacks in your own organization.
Author Christopher Hadnagy′s updated second edition provides fresh insight into the latest social engineering trends and enduring classics, including case studies ripped from the headlines as well as his own real–world experiences. Featuring how–to guidance on elicitation, pretexting, information gathering, tail–gating, shoulder surfing, phishing, and much more, this book dives deep into how humans can be influenced to make compromising decisions.
"Back in the late 70′s, I started using social engineering tradecraft to obtain free bus rides as an adolescent, intercepting NSA phone calls in high school, to finally compromising any system of interest as a young adult. My motivation was pursuit of knowledge, challenge, and the seduction of adventure.
Fast forward to today, I still find that social engineering is the number one way in when conducting penetration testing. And I′m not alone. Nation states, criminal hackers, and hacktivists use the same tactics to disrupt businesses to steal money and/or proprietary information, and in some cases even change the course of a country′s election."
Kevin Mitnick, author, speaker, and consultant