Social Engineering Penetration Testing

Book Description

Social engineering attacks target the weakest link in an organization's security—human beings. Everyone knows these attacks are effective, and everyone knows they are on the rise. Now, Social Engineering Penetration Testing gives you the practical methodology and everything you need to plan and execute a social engineering penetration test and assessment. You will gain fascinating insights into how social engineering techniques—including email phishing, telephone pretexting, and physical vectors—can be used to elicit information or manipulate individuals into performing actions that may aid in an attack. Using the book's easy-to-understand models and examples, you will have a much better understanding of how best to defend against these attacks.

The authors of Social Engineering Penetration Testing show you hands-on techniques they have used at RandomStorm to provide clients with valuable results that make a real difference to the security of their businesses. You will learn about the differences between social engineering pen tests lasting anywhere from a few days to several months. The book shows you how to use widely available open-source tools to conduct your pen tests, then walks you through the practical steps to improve defense measures in response to test results.

  • Understand how to plan and execute an effective social engineering assessment
  • Learn how to configure and use the open-source tools available for the social engineer
  • Identify parts of an assessment that will most benefit time-critical engagements
  • Learn how to design target scenarios, create plausible attack situations, and support various attack vectors with technology
  • Create an assessment report, then improve defense measures in response to test results

Table of Contents

  1. Cover image
  2. Title page
  3. Copyright
  4. Foreword
  5. Acknowledgements
  6. About the Authors
  7. About the Technical Editor
  8. Chapter 1. An Introduction to Social Engineering
    1. Introduction
    2. Defining social engineering
    3. Examples from the movies
    4. Famous social engineers
    5. Real-world attacks
    6. Summary
  9. Chapter 2. The Weak Link in the Business Security Chain
    1. Introduction
    2. Why personnel are the weakest link
    3. Summary
  10. Chapter 3. The Techniques of Manipulation
    1. Introduction
    2. Pretexting
    3. Impersonation
    4. Baiting
    5. Pressure and solution
    6. Leveraging authority
    7. Reverse social engineering
    8. Chain of authentication
    9. Gaining credibility
    10. From innocuous to sensitive
    11. Priming and loading
    12. Social proof
    13. Framing information
    14. Emotional states
    15. Selective attention
    16. Personality types and models
    17. Body language
    18. Summary
  11. Chapter 4. Short and Long Game Attack Strategies
    1. Introduction
    2. Short-term attack strategies
    3. Long-term attack strategies
    4. Summary
  12. Chapter 5. The Social Engineering Engagement
    1. Introduction
    2. The business need for social engineering
    3. Social engineering operational considerations and challenges
    4. Challenges for the social engineers
    5. Challenges for the client
    6. Legislative considerations
    7. Social engineering frameworks
    8. Assessment prerequisites
    9. Key deliverables
    10. Social engineering team members and skill sets
    11. Summary
  13. Chapter 6. Ensuring Value Through Effective Threat Modeling
    1. Introduction
    2. Why the need for threat modeling?
    3. Who would want to gain access to my business?
    4. Summary
  14. Chapter 7. Creating Targeted Scenarios
    1. Introduction
    2. The components of a scenario
    3. Target identification
    4. Pretext design mapping
    5. Planning for the unknown
    6. Designing to fail
    7. Summary
  15. Chapter 8. Leveraging Open-Source Intelligence
    1. Introduction
    2. The corporate website
    3. E-mail addresses
    4. Social media
    5. DNS records
    6. Summary
  16. Chapter 9. The E-mail Attack Vector
    1. Introduction
    2. An introduction to phishing attacks
    3. Why phishing attacks work
    4. Spear phishing versus trawling
    5. Spear phishing
    6. Real-world phishing examples
    7. American Express—drive-by-download
    8. Dr. Atanasoff Gavin—advance fee fraud
    9. Apple ID scam—credential harvesting
    10. Nobody falls for this one. Nobody. Ever.
    11. Active e-mail reconnaissance
    12. Nondelivery reports
    13. Out-of-office responses
    14. The nonexistent meeting
    15. Impersonating the absent staff member
    16. Creating plausible e-mail scenarios
    17. Work experience placements
    18. Weaponizing the scenario
    19. The college project
    20. Weaponizing the scenario
    21. The recruitment consultant
    22. Salesperson
    23. Defending against phishing attacks
    24. Technological approaches
    25. Human approaches
    26. Setting up your own attack
    27. Spoofed e-mails versus fake domain names
    28. The SET
    29. Spear phishing attack vector
    30. Does this approach really work?
    31. Malicious Java applets
    32. Using cloned web sites to harvest credentials
    33. Is all of this really social engineering?
    34. Summary
  17. Chapter 10. The Telephone Attack Vector
    1. Introduction
    2. Real-world examples
    3. Environmental sounds
    4. The issues with caller ID
    5. Caller ID spoofing
    6. Phone system hacks
    7. Is the contact database up to date?
    8. Transferring caller ID
    9. How to figure out if your caller ID shows up
    10. Summing it up
    11. Building on the e-mail attack
    12. Please contact Sarah in my absence
    13. Who ya gonna call?
    14. Job enquiries
    15. Sales calls
    16. Surveys
    17. Impersonating staff members
    18. The help desk
    19. Employee numbers
    20. Obtaining key information and access
    21. Credentials and e-mail access
    22. Physical access
    23. The physical access zero day
    24. Weaponizing your call
    25. Summary
  18. Chapter 11. The Physical Attack Vector
    1. Introduction
    2. Building on the e-mail and telephone attacks
    3. Active information gathering
    4. Props and disguises
    5. Badges and lanyards
    6. Tailgating
    7. Lock picking
    8. Once you’re inside
    9. Summary
  19. Chapter 12. Supporting an Attack with Technology
    1. Introduction
    2. Summary
  20. Chapter 13. Writing the Report
    1. Introduction
    2. Data collection
    3. Writing the report
    4. Delivery of the report
    5. Summary
  21. Chapter 14. Creating Hardened Policies and Procedures
    1. Introduction
    2. Background
    3. Social engineering defense: a proactive approach
    4. Industry information security and cyber security standards
    5. Developing fit for purpose social engineering policies and procedures
    6. Summary
  22. Chapter 15. Staff Awareness and Training Programs
    1. Introduction
    2. Current awareness training
    3. A model for effective training
    4. Summary
  23. Chapter 16. Internal Social Engineering Assessments
    1. Introduction
    2. The need for internal testing
    3. Designing the internal test
    4. Summary
  24. Chapter 17. Social Engineering Assessment Cheat Sheet
    1. Introduction
    2. Social engineering framework
    3. Social engineering cheat sheet
    4. Summary
  25. Index