Social Engineering for Security Professionals
This course will prepare you to add social engineering skills to your security strategy. In this course, you will learn how to perform recon on targets using a wide variety of sites and tools, create and track phishing campaigns, and develop media payloads that effectively demonstrate compromise scenarios. You will also learn how to conduct pretexting exercises, and you will put what you have learned into practice with a fun Capture-the-Human exercise.(Online classes available)
Course Key Learnings:
- The psychological underpinnings of social engineering
- How to successfully execute your first social engineering test in your company or as a consultant
- Social engineering knowledge to develop new variations of attacks or increase your snare rate
- How to manage some of the ethical and risk challenges associated with social engineering engagements
- How to enhance other penetration testing disciplines by understanding human behavior and how to exploit it.
Course Content:
Module1: : Social Engineering Fundamentals, Recon, and Phishing
Overview
Section one of the course introduces you to key social engineering concepts, the goals of social engineering, and a myriad of reconnaissance tools to help prepare you for successful campaigns. We complete the section with exercises centered around the most popular and scalable form of social engineering: phishing. Each exercise includes how to execute the attack, what works and what doesn’t, and how to report on the attack to help the organization improve its defenses.
Exercises
- Recon and Profiling: Applying the tools
- Tracking Clicks: Measuring your social engineering success
- SET Site Cloning: Building a believable phishing site
- Data Logging: Building more advanced credential and data theft portals
Topics
- Psychology of Social Engineering
- Targeting and Recon
- Secure and Convincing Phishing
- Tracking Clicks
- Secure Phishing Forms
Module2: Media Drops and Payloads, Pretexting, Physical Testing, and Reporting
Section two builds on the principles covered in the previous section to focus heavily on payloads for your social engineering engagements. We will cover how to avoid detection, limit the risk of your payloads causing issues, and build a bespoke payload that works and looks the part of your selected snare. We will then introduce another powerful skill with pretexting and cover how it can be combined to get payloads running. We end the section with a Capture-the-Human exercise in which students can apply their newly found skills and with a look at the top do’s and don’ts in an engagement.
Exercises
- PowerShell Payloads: Creating and deploying a PowerShell-based backdoor
- Roll Your Own Payload: Limit risk, avoid detection, and prove your penetration test
- Pretty Payloads: Making your payloads look the part
- Pretexting: Persuading your way to data
- Capture the Human: Blended social engineering challenge
Topics
- USB and Media Drops
- Building a Payload
- Clicks That Work
- Successful Pretexting
- Tailgating and Physical Access
- Social Engineering Reports
- Social Engineering: Where It All Fits
- Risky Business
International Student Fee: 500 US$
Job Interview Preparation (Soft Skills Questions & Answers)
- Tough Open-Ended Job Interview Questions
- What to Wear for Best Job Interview Attire
- Job Interview Question- What are You Passionate About?
- How to Prepare for a Job Promotion Interview
Your FREE eLEARNING Courses (Click Here)
Internships, Freelance and Full-Time Work opportunities
- Join Internships and Referral Program (click for details)
- Work as Freelancer or Full-Time Employee (click for details)
Flexible Class Options
- Week End Classes For Professionals SAT | SUN
- Corporate Group Trainings Available
- Online Classes – Live Virtual Class (L.V.C), Online Training
Related Courses
Blockchain and Smart Contract Security
Combating Supply Chain Attacks with Product Security Testing