Print this page Share

Social Engineering: The Art of Human Hacking

ISBN: 978-0-470-63953-5
416 pages
December 2010
Social Engineering: The Art of Human Hacking (0470639539) cover image


The first book to reveal and dissect the technical aspect of many social engineering maneuvers

From elicitation, pretexting, influence and manipulation all aspects of social engineering are picked apart, discussed and explained by using real world examples, personal experience and the science behind them to unraveled the mystery in social engineering.

Kevin Mitnick—one of the most famous social engineers in the world—popularized the term “social engineering.” He explained that it is much easier to trick someone into revealing a password for a system than to exert the effort of hacking into the system. Mitnick claims that this social engineering tactic was the single-most effective method in his arsenal. This indispensable book examines a variety of maneuvers that are aimed at deceiving unsuspecting victims, while it also addresses ways to prevent social engineering threats.

  • Examines social engineering, the science of influencing a target to perform a desired task or divulge information
  • Arms you with invaluable information about the many methods of trickery that hackers use in order to gather information with the intent of executing identity theft, fraud, or gaining computer system access
  • Reveals vital steps for preventing social engineering threats

Social Engineering: The Art of Human Hacking does its part to prepare you against nefarious hackers—now you can do your part by putting to good use the critical information within its pages.

See More

Table of Contents

Foreword xiii

Preface and Acknowledgments xvii

1 A Look into the World of Social Engineering 1

Why This Book Is So Valuable 3

Overview of Social Engineering 9

Summary 21

2 Information Gathering 23

Gathering Information 26

Sources for Information Gathering 33

Communication Modeling 43

The Power of Communication Models 53

3 Elicitation 55

What Is Elicitation? 56

The Goals of Elicitation 58

Mastering Elicitation 74

Summary 76

4 Pretexting: How to Become Anyone 77

What Is Pretexting? 78

The Principles and Planning Stages of Pretexting 79

Successful Pretexting 91

Summary 99

5 Mind Tricks: Psychological Principles Used in Social Engineering 101

Modes of Thinking 103

Microexpressions 109

Neurolinguistic Programming (NLP) 136

Interview and Interrogation 143

Building Instant Rapport 162

The Human Buffer Overflow 172

Summary 178

6 Influence: The Power of Persuasion 181

The Five Fundamentals of Influence and Persuasion 182

Influence Tactics 187

Altering Reality: Framing 215

Manipulation: Controlling Your Target 233

Manipulation in Social Engineering 248

Summary 256

7 The Tools of the Social Engineer 259

Physical Tools 260

Online Information-Gathering Tools 279

Summary 297

8 Case Studies: Dissecting the Social Engineer 299

Mitnick Case Study 1: Hacking the DMV 300

Mitnick Case Study 2: Hacking the Social Security Administration 306

Hadnagy Case Study 1: The Overconfident CEO 310

Hadnagy Case Study 2: The Theme Park Scandal 317

Top-Secret Case Study 1: Mission Not Impossible 322

Top-Secret Case Study 2: Social Engineering a Hacker 329

Why Case Studies Are Important 337

Summary 338

9 Prevention and Mitigation 339

Learning to Identify Social Engineering Attacks 340

Creating a Personal Security Awareness Culture 341

Being Aware of the Value of the Information You Are Being Asked For 344

Keeping Software Updated 347

Developing Scripts 348

Learning from Social Engineering Audits 348

Concluding Remarks 354

Summary 361

Index 363

See More

Author Information

Christopher Hadnagy is the lead developer of www.social-engineer.org, the world's first social engineering framework. In more than 14 years of security and IT activity, he has partnered with the team at www.backtrack-linux.org and worked on a wide variety of security projects. He also serves as trainer and lead social engineer for Offensive Security's penetration testing team.
See More


Do you think you've discovered an error in this book? Please check the list of errata below to see if we've already addressed the error. If not, please submit the error via our Errata Form. We will attempt to verify your error; if you're right, we will post a correction below.

ChapterPageDetailsDatePrint Run
5 Error in Text
Sentence currently reads: This is book
Should read: This book
35 Error in Text
Currently reads: you be given
Should read: you would be given
58 Error in Text
Currently reads: used as well door locking security

Should read: used as well as the door locking security
77 Error in Text
From bottom, there should be no comma after 'engineer'

There should be a comma after 'on this topic'
272 Error in Text
Currently reads: from $200-600

Should read: from $200 to $600
280 Error in Text
Currently reads: a couple reviews
Should read: a couple of reviews
325 Error in Text
Currently reads: an great find
Should read: a great find
327 Error in Text
At bottom of page, add colon at end of sentence.
See More

Press Release

December 13, 2010
Book Reveals, Prevents, The Art of Human Hacking

December 13, 2010 (Hoboken, NJ) -- Social engineering is the act of manipulating a person to accomplish goals that may or may not be in their best interest. This may include obtaining information, gaining access, or getting the target to take certain action. Many times social engineering is used in fraud, identity theft and malicious hacking.

One of the most famous hackers in the world, and later security consultant Kevin Mitnick, popularized the term "social engineering", pointing out that it is much easier to trick someone into giving a password for a system than to spend the effort to hack into the system. He claims it was the single most effective method in his arsenal.

In Social Engineering: The Art of Human Hacking, author Christopher Hadnagy details the world’s first framework for social engineering. True stories and case studies from the masters of the art, like Mitnick, and Handnagy himself, illustrate each of principles behind using social engineering to exploit, manipulate and deceive individuals and businesses alike. Chapters include (table of contents PDF download):

  • A Look into the World of Social Engineering.
  • Information Gathering.
  • Elicitation.
  • Pretexting: How to Become Anyone.
  • Mind Tricks: Psychological Principles Used in Social Engineering.
  • Influence: The Power of Persuasion.
  • The Tools of the Social Engineer.

As increasing threats and cases of identity theft, fraud, and deception continue to show up in news stories around the globe it is even more important for consumers, IT staff and security professionals to be aware and prepared to combat them. This book provides a basis for social engineering prevention education along the adage that the best deterrent to a crime is to reveal how the crime is perpetrated. Of significant interest is the case study section:

  • Mitnick Case Study 1: Hacking the DMV.
  • Mitnick Case Study 2: Hacking the Social Security Administration.
  • Hadnagy Case Study 1: The Overconfident CEO.
  • Hadnagy Case Study 2: The Theme Park Scandal.
  • Top-Secret Case Study 1: Mission Not Impossible.
  • Top-Secret Case Study 2: Social Engineering a Hacker.

“Most malware and client-side attacks have a social engineering component to deceive the user into letting the bad guys in. You can patch technical vulnerabilities as they evolve, but there is no patch for stupidity, or rather gullibility. Chris will show you how it’s done by revealing the social engineering vectors used by today’s intruders. His book will help you gain better insight on how to recognize these types of attacks,” said Kevin Mitnick, about the book.


For more information, please contact Ashley Evens via email at aevens [at] wiley [dot] com or call 201.748.6702. You can read more about the book, download a sample chapter, table of contents, and index here: http://www.wiley.com/WileyCDA/WileyTitle/productCd-0470639539.html

Social Engineering: The Art of Human Hacking
Wiley; Available Now; $34.99
Paper; 408 pages; 9780470639535

About the author
Chris Hadnagy, aka loganWHD, has been involved with computers and technology for over 14 years. Presently his focus is on the “human” aspect of technology such as social engineering and physical security. Chris has spent time in providing training in many topics and also has had many articles published in local, national and international magazines and journals.

He presently is “Operations” for Offensive Security and the lead developer of Social-Engineer.Org. as well as a trainer for Offensive Security Pentesting With BackTrack Course. He has partnered with the team at http://www.backtrack-linux.org and is involved in various research projects such as Hardware Hacking, BackTrack, Exploit Development, Online Information Security Training, and various other aspects of network security. Chris is also the lead social engineer in the Offsec pen testing team. Chris can be found online at http://www.social-engineer.org, twitter as @humanhacker.

About Wiley
Founded in 1807, John Wiley & Sons, Inc. has been a valued source of information and understanding for 200 years, helping people around the world meet their needs and fulfill their aspirations. Since 1901, Wiley and its acquired companies have published the works of more than 350 Nobel laureates in all categories: Literature, Economics, Physiology or Medicine, Physics, Chemistry and Peace.

Our core businesses publish scientific, technical, medical and scholarly journals, encyclopedias, books, and online products and services; professional/trade books, subscription products, training materials, and online applications and websites; and educational materials for undergraduate and graduate students and lifelong learners. Wiley's global headquarters are located in Hoboken, New Jersey, with operations in the U.S., Europe, Asia, Canada, and Australia. The Company's Web site can be accessed at http://www.wiley.com. The Company is listed on the New York Stock Exchange under the symbols JWa and JWb.

See More
Instructors Resources
Wiley Instructor Companion Site
Request a print evaluation copy
Contact us
See More
See Less

Buy Both and Save 25%!


Social Engineering: The Art of Human Hacking (US $34.99)

-and- Liars and Outliers: Enabling the Trust that Society Needs to Thrive (US $24.95)

Total List Price: US $59.94
Discounted Price: US $44.95 (Save: US $14.99)

Buy Both
Cannot be combined with any other offers. Learn more.
Back to Top