An ethical introduction to social engineering an attack technique that leverages psychology
deception and publicly available information to breach the defenses of a human target in order
to gain access to an asset. Social engineering is key to the effectiveness of any computer
security professional. Practical Social Engineering teaches you how to leverage human
psychology and publicly available information to attack a target. The book includes sections on
how to evade detection spear phish generate reports and protect victims to ensure their
well-being. You'll learn how to collect information about a target and how to exploit that
information to make your attacks more effective. You'll also learn how to defend yourself or
your workplace against social engineering attacks. Case studies throughout offer poignant
examples such as how the author was able to piece together the details of a person's life
simply by gathering details from an overheard restaurant conversation. Gray walks you through
the sometimes difficult decision making process that every ethical social engineer must go
through when implementing a phishing engagement including how to decide whether to do things
manually or use automated tools even how to set up your web server and build other technical
tools necessary to succeed.
