Social Engineering Penetration Testing (häftad)
Format
Häftad (Paperback)
Språk
Engelska
Antal sidor
390
Utgivningsdatum
2014-06-07
Förlag
Syngress
Medarbetare
Mason, Andrew / Ackroyd, Richard
Illustrationer
Illustrated
Dimensioner
234 x 196 x 25 mm
Vikt
825 g
Antal komponenter
1
Komponenter
3:B&W 7.5 x 9.25 in or 235 x 191 mm Perfect Bound on White w/Gloss Lam
ISBN
9780124201248
Social Engineering Penetration Testing (häftad)

Social Engineering Penetration Testing

Executing Social Engineering Pen Tests, Assessments and Defense

Häftad Engelska, 2014-06-07
384
Skickas inom 2-5 vardagar.
Fri frakt inom Sverige för privatpersoner.
Finns även som
Visa alla 1 format & utgåvor
Social engineering attacks target the weakest link in an organization's securityhuman beings. Everyone knows these attacks are effective, and everyone knows they are on the rise. Now, Social Engineering Penetration Testing gives you the practical methodology and everything you need to plan and execute a social engineering penetration test and assessment. You will gain fascinating insights into how social engineering techniques including email phishing, telephone pretexting, and physical vectors can be used to elicit information or manipulate individuals into performing actions that may aid in an attack. Using the book's easy-to-understand models and examples, you will have a much better understanding of how best to defend against these attacks.

The authors of Social Engineering Penetration Testing show you hands-on techniques they have used at RandomStorm to provide clients with valuable results that make a real difference to the security of their businesses. You will learn about the differences between social engineering pen tests lasting anywhere from a few days to several months. The book shows you how to use widely available open-source tools to conduct your pen tests, then walks you through the practical steps to improve defense measures in response to test results.

  • Understand how to plan and execute an effective social engineering assessment
  • Learn how to configure and use the open-source tools available for the social engineer
  • Identify parts of an assessment that will most benefit time-critical engagements
  • Learn how to design target scenarios, create plausible attack situations, and support various attack vectors with technology
  • Create an assessment report, then improve defense measures in response to test results
Visa hela texten

Passar bra ihop

  1. Social Engineering Penetration Testing
  2. +
  3. Clean Code: A Handbook Of Agile Software Craftsmanship

De som köpt den här boken har ofta också köpt Clean Code: A Handbook Of Agile Software Crafts... av Robert C Martin (häftad).

Köp båda 2 för 823 kr

Kundrecensioner

Har du läst boken? Sätt ditt betyg »

Fler böcker av Gavin Watson

  • Skins

    Gavin Watson

    Perhaps one of the most reviled yet misunderstood of all the youth subcultures, the skinhead look and lifestyle has now rightly returned to the very forefront of contemporary youth culture. While celebrities and sportsmen shave their heads for the...

  • Plan B

    Ben Drew, Gavin Watson

    Ben Drew, aka Plan B, is the multi-platinum-selling rapper, singer, film director, producer and actor who shot to fame with THE DEFAMATION OF STRICKLAND BANKS album and went on to create the groundbreaking ILL MANORS film and Number One soundtrack...

Recensioner i media

"...art depends on technique here,...and that is the book's main focus: the techniques of these con artists. This book goes beyond the art and that is what makes it a must-read." --Computing Reviews

"...will help you understand the many tricks and approaches to this most powerful of hacking processes. And...it will enable you to integrate social engineering within the overall framework of your penetration testing services." -Network Security, Nov 2014



Bloggat om Social Engineering Penetration Testing

Övrig information

Gavin is the Professional Services Manager at RandomStorm and is responsible for devising and also delivering innovative testing services offered to clients, including the full range of penetration testing and social engineering engagements. Gavin has worked in IT for many years, focusing for the past five years on delivering internal and external penetration tests and social engineering engagements for multiple clients across all verticals. Andrew is the co-founder and Technical Director at RandomStorm and is responsible for the formulation and execution of strategy for the technical department within RandomStorm. Andrew has over 20 years experience in IT with recent years focused on Internet security, offering board-level consultancy to numerous enterprise customers within disparate geographical regions. Andrew has authored several infosec titles for McGraw Hill and Cisco Press. His most recent publications have been focused on Firewalls and Threat Mitigation from common vulnerabilities. Andrew has also contributed to several books on networking topics as well as writing numerous articles for online and print trade journals and newspapers including the Sunday Times. Based in the UK, RandomStorm is a global infosec services consultancy providing turnkey solutions to organizations of any size. RandomStorm has offices in UK, US, Canada, Jordan and UAE. Richard is a Senior Security Engineer for RandomStorm and is involved in the conducting penetration testing and social engineering assessments for clients across all verticals.

Innehållsförteckning

Introduction to Social Engineering Why People are the Weakest Link in your Security Basic Techniques, Deception, and Manipulation Assessment Prerequisites Reconnaissance: Building the Foundation of an Assessment Ensuring Value Through Effective Threat Modeling Designed Targeted Scenarios A Model for Creating Plausible Situations The Email Attack Vector - Spear Phishing The Telephone Attack Vector The Physical Attack Vector Supporting an Attack with Technology Difference between "Long Game" and "Short Game" Attack Strategies Writing the Report Creating Hardened Policies and Procedures Reclassifying Information Improving Physical Security Controls Designing and Conducting Effective Staff Awareness Training Internal Social Engineering Assessments