Play by Play: A Penetration Tester's Guide to Social Engineering

In this course, you’ll learn about basic and advanced techniques used in social engineering attacks.
Course info
Rating
(15)
Level
Beginner
Updated
Dec 22, 2017
Duration
1h 8m
Table of contents
Description
Course info
Rating
(15)
Level
Beginner
Updated
Dec 22, 2017
Duration
1h 8m
Description

Play by Play is a series in which top technologists work through a problem in real time, unrehearsed, and unscripted. In this course, Play by Play: A Penetration Tester’s Guide to Social Engineering, Stephen Haunts and Lars Klint are going to delve into the shadowy world of social engineering. Learn about information gathering, pre-texting, and manipulation. By the end of this course, you’ll know a wide range of techniques that you can use to protect yourself and your company from a social engineering attack.

About the author
About the author

Stephen Haunts is an experienced Software Developer and Leader who has worked across multiple business domains including Computer Games, Finance, and Healthcare Retail and Distribution. Stephen has worked in languages ranging from Assembler, various forms of BASIC, to C and C++, and then finding his love of C# and .NET.

More from the author
Blockchain – Principles and Practices
Intermediate
2h 41m
14 Feb 2018
More courses by Stephen Haunts
About the author

Lars is an author, trainer, Microsoft MVP, community leader, authority on all things Windows Platform, and part time crocodile wrangler. He is heavily involved in the space of HoloLens and mixed reality, as well as a published Pluralsight author, freelance solution architect, and writer for numerous publications.

More from the author
Managing Scope Creep
Beginner
1h 22m
5 Jul 2018
More courses by Lars Klint
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone. Welcome to our Play By Play course called A Penetration Tester's Guide to Social Engineering. My name is Stephen Haunts, and I'm software developer, leader, and trainer. And I'm Lars Klint, a freelance software developer, trainer, international speaker, and expert in Australian outback internet. Yes, that is really a thing. In this Play By Play course, we're going to delve into the shadowy world of social engineering. Social engineering is a series of techniques used to extract information from people for their own gain. The majority of the time, this is used for illegal gain by criminals, but social engineering is also used by people such as penetration testers to try and gain access to companies and their systems via their employees. In this Play By Play, me and Lars are going to cover a framework of social engineering that covers information gathering, pretexting, elicitation, and manipulation. We're going to go over some of the techniques used by social engineers to extract information from people. We will then cover lots of techniques that you can use to protect yourself and your companies from a social engineering attack. I hope you'll join me and Lars on this journey to learn about the fascinating world of social engineering in our Play By Play course, A Penetration Tester's Guide to Social Engineering here at Pluralsight.

A Framework for Social Engineering
Cool, so now we've looked at precedence of what social engineering can be, what impersonation is, let's have a look at, you were mentioning a framework for how, well let's say implement it for lack of a better word. Yeah, so we'll take a high-level look at a framework that you would follow to plan an attack, a social engineering attack against someone. So if we look at the diagram we have on the screen here, it's split into four stages. So first of all we start off with information gathering, and then we've got pretexting, followed by elicitation, and then manipulation. So let's go through each of those in turn. Sure.