Shop now Shop now Shop now  Up to 50% Off Fashion  Shop all Amazon Fashion Cloud Drive Photos Shop now Learn More Shop now Shop now Shop Fire Shop Kindle Listen with Prime Shop now Shop now

Customer Reviews

4.3 out of 5 stars32
4.3 out of 5 stars
Format: Paperback|Change
Price:£15.56+ Free shipping with Amazon Prime
Your rating(Clear)Rate this item

There was a problem filtering reviews right now. Please try again later.

on 2 January 2012
A book containing the entire body of knowledge pertaining to Social Engineering is going to run to several volumes. Its such a wide subject encompassing a huge variety of topics that a single volume just isn't going to be able to cover them all in inordinate detail; even Microsoft canned Encarta when the Internet took off :). I therefore picked up this book hoping to gain an oversight into the field of Social Engineering, learn the most important aspects of it, and hopefully pick up some references for future study. It delivered on my expectations in spades.

It first establishes the framework of social engineering, something that I think is incredibly important. Yes you can learn individual elements but without understanding where they sit in a framework (where they are most prudent, what inputs you need and what outputs you can expect) you limit your overall effectiveness as/understanding of a social engineer. It then proceeds to take you through each of the elements in turn, delivering a precis and expanding on specific salient points. Every section is accompanied with copious references for further research and its clear that the author is intimately familiar with his material. Moreover, its also clear that he has a passion for the subject matter and this comes across well in the book.

Although written in a slight slant towards penetration testing, the author goes to great lengths to point out that in order to defend against something you need to understand how, where, and when someone will attack. Its something of an Infosec pastiche, but the Sun-Tzu quote "Know thine enemy better than one knows thyself" certainly applies here. As someone on the defence side, this book is invaluable in understanding how someone may use these techniques against us and should be a mandatory read for anyone tasked with creating an infosec program that really works.
0Comment|7 people found this helpful. Was this review helpful to you?YesNoReport abuse
on 27 September 2011
The publication is very well rounded giving a good brief description considering the complexity of the subject / practise of Social Engineering allowing for a good starting point for further indepth study.

In my opinion it is written in a way that makes you drive for a better understanding and in turn a wanting to pass on the knowledge (like any good Ethical Hacker).

The psychological principles intrigued me most and has in fact caused me to examine nearly ever social encounter I have giving me a feel for the true nature of the conversation, and in some cases getting what i want (some what to my surprise). First I found myself drifting in my own thoughts with trying to take in and process every aspect of the conversation from visual cues to tone of voice causing the person talking to me to either go "errrr you ok" or "hello?" (depending on whether the conversation was held over the phone in person etc).

Regardless of your knowledge or abilities in Social Engineering. After reading this book you will start picking up signals and even using some of the skills you have learnt. That's a promise.

It covers everything in once place and as mentioned previously its a great start for detailed study. Gives you all the direction you need.
0Comment|3 people found this helpful. Was this review helpful to you?YesNoReport abuse
on 29 September 2011
There are may resources that have tried to cover social engineering over the last few years, and I can honestly say that this blows them all out of the water.
This is a book that should be included in all business training, whether you are a CISO, CIO, or a member of a security team, what you will learn in this book will change your life, and the way that you look at security in general.
I can imagine that this book will also scare the hell out of a lot of readers, but Chris has put down on paper what the bad guys do, and how you can learn the same methods to be a successful social engineer, and also how to protect your organisation against these attacks.
Don't expect this book to instantly turn you into an expert social engineer, as these things take a lot of time and effort, but it gives you everything you need to become one.
All I can say is well done Chris, this is the book that the security and executive world has been waiting for.
This book really will change your life.
0Comment|3 people found this helpful. Was this review helpful to you?YesNoReport abuse
on 26 January 2011
Pen testing and IT security assessments often cover less than 1/2 of the real world security problems experienced by modern day organisations. The risk posed by willing or unwitting employees disclosing information or acting as conduits to internal systems cannot be underestimated. Chris Hadnagy has been a regular conference presenter on the subject for several years and was very well placed to write this book. It is a well written collection of the primary skills and tools used by the accomplished Social Engineer which is a must read for security professionals and company managers alike.

Written in largely non-technical language but in such a way so as not to irritate the security specialist the book takes you on a roller-coaster of disparate yet somehow cohesive techniques and tools which can lead to a successful exploitation of an individual or company.

If you are learning about security or if its the way you learn your living, you need to read this book.
0Comment|11 people found this helpful. Was this review helpful to you?YesNoReport abuse
on 27 May 2011
I'm gonna cut to the chase... The Art of Human Hacking is the best book about Social Engineering out there. I was a bit tired of infosec non-quality books, however the people of Offensive Security have been doing a very high quality work so I decided to pick up this book. Guess what? This book is no exception. It is a well written collection of the primary skills and tools used by Social Engineers. Sadly, the NLP section is a bit short. I studied it in the past and NLP just works! Just as almost every technique mentioned in the book.

Additionally, you'll get lots of references to the Social Engineering Framework available on the author's website, so you can explore any topic even further. Highly Recommended!
0Comment|One person found this helpful. Was this review helpful to you?YesNoReport abuse
on 4 June 2016
The book is packed with information. In fact I haven't finished reading it at the time of writing this. But I can say a few things. There is a lot of stuff you need to know contained within this book. But I have to say it is the scariest thing I've read. Then again there are a few things which didn't seem to right to me. One is that all it takes is an infected USB key to get into a large firm's servers. Why didn't it get stopped by the anti virus anti mal wear protection that is now ubiquitous? Further more, if you don't want employees using the USB ports, the computer administrator can disable them. If I was the CEO of a company and that nice man who left me a CD phones and asks what I thought of it. I would probabnly say I haven't got it back from security screening yet. All these things have to bee screened first before they can be put into our computers.

If I was a company's receptionist or a first point of contact for outsiders I probably wouldn't put family photos on my desk, because that's just inviting people to ask questions about my home life and I am there to work and I believe in keeping strict boundaries between my work life and my home life.

Does that mean I don't think I can be caught? That would be arogant and it's people who thing it can't happen to them, who are the first ones to get caught, isn't it?

Too many things are on the internet these days and I agree with the author when he says they have no business being there. Things such as washing fridges, printers, a city's traffic light system. But corporate America wants to force more and more things onto the internet and people need to vote with their feet. I have a Hewlette Packard printer and recently HP have done something to the software so that the printer only works whilst it is connected to the internet. I am lothsome to replace a printer that is still working, but I can make sure it is switched off at the main when I am not using it. The book describes a new search engine which can locate any internet connected device and tell who owns it and more.

In short I think everyone should get this book and protect themselves as best they can.

As an adendum I think that all biometric login systems weaken security. A password is in your head or if it has to be written down it can be written in code. But hackers will soon find a way of using a video of your face to log into your computer account. The release of Windows 8.1 has made it necessary to be even more security conscious because your account isn't just local any more it is on the cloud where people could hack in from any machine and as you are forced to use your email as your log-in name anyone can get it.
0Comment|Was this review helpful to you?YesNoReport abuse
on 26 January 2014
Social engineering is used everyday, in every aspect of our life, without us even knowing at times! Not just by con men, hackers etc but sales reps, doctors, parents employers, teachers. Knowing and playing on human emotions is very powerful tool and can be used to manipulate people to do actions they normally would not do. The human brain is the CPU and hard-drive combined and this can be overloaded (human buffer attack) and manipulated by emotion triggering (which can be triggered by just bringing back a memory in the brain good/bad). Whether over the phone or in person (facial muscles perform certain twitches for every emotion, anyone watched Lie to Me?) the human is always open to attack.

This book covers a wide range of topics, from how we use social engineering day to day in our personal lives, how the media/businesses use this globally and tests/case studies used by trained pentesters/social engineer auditors simply to just open peoples eyes to see this, its almost like our eyes are closed to all these techniques, as mostly done subconsciously.

Would highly recommend having a read. I do believe the book is aimed at non-technical computer readers (as author really explains technical terms in layman) however even as a technical person this book still is very enjoyable read. It's all good breaking computer systems/networks but having the extra ability to break humans into giving you faster, direct, powerful entry is even more astonishing . This skill can be applied in every area of life, not just digitally, to ensure you are never ripped off (be it a sales man/media advertisements etc) and also helps you protect your family, work, business, investments, money and future as you will not be easily manipulated by this technique when you are aware.
0Comment|Was this review helpful to you?YesNoReport abuse
on 11 December 2014
Where are all the citations? The claims are too bold for the little evidence it provides. I'd say the author has taken the analogy of the Human mind being like a computer way too far.
0Comment|2 people found this helpful. Was this review helpful to you?YesNoReport abuse
on 17 August 2011
The value of this book cannot be underestimated. While the majority of technical security books focus on software and hardware security, this book addresses a factor which is often overlooked in today's security infrastructure: The human factor.
It shows how attacker's use methods and psychological tricks which allow them to gain access to environments which are technically quite secure and it does it in the best way possible: by combining real life examples (which read like a spy novel) with an academic approach, citing studies and research and all this is done in a very structured way.
Personally, I think the examples of lockpicking gear and GPS tracking stuff could have been omitted, since there are other books which address these and it leads us off topic, but on the other hand they prove some valid points and they serve as good examples/eye openers.
This book is highly recommended and also one of the very few books which can be read by the non-technical user who wants an insight on today's social engineering techniques.
0Comment|5 people found this helpful. Was this review helpful to you?YesNoReport abuse
on 15 October 2011
I really enjoyed this book, it sheds a light in all issues concerning human hacking and it explores important concepts such as elicitation, pretexting and Psychological Mind Tricks.

I believe it's a bookshelf's keeper, especially for those who work in security ande defensa areas.

It contributes a great deal for personal awareness.
0Comment|One person found this helpful. Was this review helpful to you?YesNoReport abuse

Sponsored Links

  (What is this?)