Social Engineering (eBook)
416 Seiten
John Wiley & Sons (Verlag)
978-1-118-02801-8 (ISBN)
From elicitation, pretexting, influence and manipulation allaspects of social engineering are picked apart, discussed andexplained by using real world examples, personal experience and thescience behind them to unraveled the mystery in socialengineering.
Kevin Mitnick--one of the most famous social engineers inthe world--popularized the term "socialengineering." He explained that it is much easier to tricksomeone into revealing a password for a system than to exert theeffort of hacking into the system. Mitnick claims that this socialengineering tactic was the single-most effective method in hisarsenal. This indispensable book examines a variety of maneuversthat are aimed at deceiving unsuspecting victims, while it alsoaddresses ways to prevent social engineering threats.
* Examines social engineering, the science of influencing atarget to perform a desired task or divulge information
* Arms you with invaluable information about the many methods oftrickery that hackers use in order to gather information with theintent of executing identity theft, fraud, or gaining computersystem access
* Reveals vital steps for preventing social engineeringthreats
Social Engineering: The Art of Human Hacking does itspart to prepare you against nefarious hackers--now you can doyour part by putting to good use the critical information withinits pages.
Christopher Hadnagy is the lead developer of www.social-engineer.org, the world's first social engineering framework. In more than 14 years of security and IT activity, he has partnered with the team at www.backtrack-linux.org and worked on a wide variety of security projects. He also serves as trainer and lead social engineer for Offensive Security's penetration testing team.
Foreword xiii
Preface and Acknowledgments xvii
1 A Look into the World of Social Engineering 1
Why This Book Is So Valuable 3
Overview of Social Engineering 9
Summary 21
2 Information Gathering 23
Gathering Information 26
Sources for Information Gathering 33
Communication Modeling 43
The Power of Communication Models 53
3 Elicitation 55
What Is Elicitation? 56
The Goals of Elicitation 58
Mastering Elicitation 74
Summary 76
4 Pretexting: How to Become Anyone 77
What Is Pretexting? 78
The Principles and Planning Stages of Pretexting 79
Successful Pretexting 91
Summary 99
5 Mind Tricks: Psychological Principles Used in Social Engineering 101
Modes of Thinking 103
Microexpressions 109
Neurolinguistic Programming (NLP) 136
Interview and Interrogation 143
Building Instant Rapport 162
The Human Buffer Overflow 172
Summary 178
6 Influence: The Power of Persuasion 181
The Five Fundamentals of Influence and Persuasion 182
Influence Tactics 187
Altering Reality: Framing 215
Manipulation: Controlling Your Target 233
Manipulation in Social Engineering 248
Summary 256
7 The Tools of the Social Engineer 259
Physical Tools 260
Online Information-Gathering Tools 279
Summary 297
8 Case Studies: Dissecting the Social Engineer 299
Mitnick Case Study 1: Hacking the DMV 300
Mitnick Case Study 2: Hacking the Social Security Administration 306
Hadnagy Case Study 1: The Overconfident CEO 310
Hadnagy Case Study 2: The Theme Park Scandal 317
Top-Secret Case Study 1: Mission Not Impossible 322
Top-Secret Case Study 2: Social Engineering a Hacker 329
Why Case Studies Are Important 337
Summary 338
9 Prevention and Mitigation 339
Learning to Identify Social Engineering Attacks 340
Creating a Personal Security Awareness Culture 341
Being Aware of the Value of the Information You Are Being Asked For 344
Keeping Software Updated 347
Developing Scripts 348
Learning from Social Engineering Audits 348
Concluding Remarks 354
Summary 361
Index 363
| Erscheint lt. Verlag | 13.12.2010 |
|---|---|
| Vorwort | Paul Wilson |
| Sprache | englisch |
| Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
| Schlagworte | Computer Science • Computersicherheit • Informatik • Networking / Security • Netzwerke / Sicherheit |
| ISBN-10 | 1-118-02801-5 / 1118028015 |
| ISBN-13 | 978-1-118-02801-8 / 9781118028018 |
| Haben Sie eine Frage zum Produkt? |
PDF (Adobe DRM)Kopierschutz: Adobe-DRM
Adobe-DRM ist ein Kopierschutz, der das eBook vor Mißbrauch schützen soll. Dabei wird das eBook bereits beim Download auf Ihre persönliche Adobe-ID autorisiert. Lesen können Sie das eBook dann nur auf den Geräten, welche ebenfalls auf Ihre Adobe-ID registriert sind.
Details zum Adobe-DRM
Dateiformat: PDF (Portable Document Format)
Mit einem festen Seitenlayout eignet sich die PDF besonders für Fachbücher mit Spalten, Tabellen und Abbildungen. Eine PDF kann auf fast allen Geräten angezeigt werden, ist aber für kleine Displays (Smartphone, eReader) nur eingeschränkt geeignet.
Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen eine
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen eine
Geräteliste und zusätzliche Hinweise
Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.
aus dem Bereich
