Social Engineering - Christopher Hadnagy [0]
Cover
Title Page
Copyright
Dedication
About the Author
About the Technical Editor
Credits
Foreword
Preface and Acknowledgments
Chapter 1: A Look into the World of Social Engineering
Why This Book Is So Valuable
Overview of Social Engineering
Summary
Chapter 2: Information Gathering
Gathering Information
Sources for Information Gathering
Communication Modeling
The Power of Communication Models
Chapter 3: Elicitation
What Is Elicitation?
The Goals of Elicitation
Mastering Elicitation
Summary
Chapter 4: Pretexting: How to Become Anyone
What Is Pretexting?
The Principles and Planning Stages of Pretexting
Successful Pretexting
Summary
Chapter 5: Mind Tricks: Psychological Principles Used in Social Engineering
Modes of Thinking
Microexpressions
Neurolinguistic Programming (NLP)
Interview and Interrogation
Building Instant Rapport
The Human Buffer Overflow
Summary
Chapter 6: Influence: The Power of Persuasion
The Five Fundamentals of Influence and Persuasion
Influence Tactics
Altering Reality: Framing
Manipulation: Controlling Your Target
Manipulation in Social Engineering
Summary
Chapter 7: The Tools of the Social Engineer
Physical Tools
Online Information-Gathering Tools
Summary
Chapter 8: Case Studies: Dissecting the Social Engineer
Mitnick Case Study 1: Hacking the DMV
Mitnick Case Study 2: Hacking the Social Security Administration
Hadnagy Case Study 1: The Overconfident CEO
Hadnagy Case Study 2: The Theme Park Scandal
Top-Secret Case Study 1: Mission Not Impossible
Top-Secret Case Study 2: Social Engineering a Hacker
Why Case Studies Are Important
Summary
Chapter 9: Prevention and Mitigation
Learning to Identify Social Engineering Attacks
Creating a Personal Security Awareness Culture
Being Aware of the Value of the Information You Are Being Asked For
Keeping Software Updated
Developing Scripts
Learning from Social Engineering Audits
Concluding Remarks
Summary
Index
Social Engineering: The Art of Human Hacking
Published by
Wiley Publishing, Inc.
10475 Crosspoint Boulevard
Indianapolis, IN 46256
www.wiley.com
Copyright © 2011 by Christopher Hadnagy
Published by Wiley Publishing, Inc., Indianapolis, Indiana
Published simultaneously in Canada
ISBN: 978-0-470-63953-5
ISBN: 978-1-118-02801-8 (ebk)
ISBN: 978-1-118-02971-8 (ebk)
ISBN: 978-1-118-02974-9 (ebk)
Manufactured in the United States of America
10 9 8 7 6 5 4 3 2 1
No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.
Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Web site is referred to in this work as a citation and/or