Training
Featured CourseView All Courses
Get a free hour of SANS training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
Cloud Security Training
Can't find what you are looking for?

Let us help.

Contact us
Community Resources

SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

Solutions for Emerging Risks

Discover tailored resources that translate emerging threats into actionable strategies

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations

Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk With an Expert
Talk With an Expert

SEC467: Social Engineering for Security Professionals

SEC467Offensive Operations
  • 2 Days (Instructor-Led)
  • 12 Hours (Self-Paced)
Course created by:
Dave ShacklefordJames Leyte-Vidal
Dave Shackleford & James Leyte-Vidal
Register Now
SEC467: Social Engineering For Security Professionals
Course created by:
Dave ShacklefordJames Leyte-Vidal
Dave Shackleford & James Leyte-Vidal
Register Now
  • 12 CPEs

    Apply your credits to renew your certifications

  • In-Person or Virtual

    Attend a live, instructor-led class from a location near you or virtually from anywhere

  • 8 Hands-On Lab(s)

    Apply what you learn with hands-on exercises and labs

Jump to:

Plan, execute, and defend against social engineering attacks by mastering the psychology, tools, and techniques used by adversaries and professional testers.

Course Overview

Discover the psychology and techniques behind social engineering to enhance your penetration testing skills or defend your organization. Learn reconnaissance, phishing, pretexting, and risk management through hands-on labs and real-world examples.

What You’ll Learn

  • Understand the psychological underpinnings of social engineering
  • Execute a successful social engineering test in your company or as a consultant
  • Develop new variations of social engineering attacks or increase your snare rate
  • Navigate the ethical challenges and risks associated with social engineering engagements
  • Enhance other penetration testing disciplines by understanding human behavior and how to exploit it

Business Takeaways

  • Broaden skill set for penetration testers and red teamers
  • Strengthen defense strategies for blue teamers and security leaders
  • Improve ability to communicate risk to stakeholders and leadership
  • Uncover risks that cannot be found with traditional testing
  • Prepare teams to recognize, resist, and report attacks

Meet Your Authors

  • Slide 1 of 2
    Dave Shackleford
    Dave Shackleford

    Dave Shackleford

    Senior Instructor

    Dave Shackleford, founder of Voodoo Security, has advanced cybersecurity through his leadership roles, including serving as CTO for the Center for Internet Security, where he coordinated the first published virtualization security benchmarks.

    Read more about Dave Shackleford
  • Slide 2 of 2
    James Leyte-Vidal
    James Leyte-Vidal

    James Leyte-Vidal

    Principal Instructor

    James Leyte-Vidal, GSE #209, has shaped offensive cybersecurity through decades of frontline innovation, authoring Ethical Password Cracking and leading Fortune 100 InfoSec teams to elevate global cyber defense.

    Read more about James Leyte-Vidal
Slide 1 of 0

Course Syllabus

Explore the course syllabus below to view the full range of topics covered in SEC467: Social Engineering for Security Professionals.

Section 1:Social Engineering Fundamentals, Recon, and Phishing

Section one covers key social engineering concepts, goals, and reconnaissance tools to prepare for successful campaigns. You will complete exercises on phishing—the most popular and scalable attack—understanding how to execute attacks, discovering what works and what doesn’t, and learning how to report findings to improve defenses.

Topics covered

  • Psychology of Social Engineering
  • Targeting and Recon
  • Secure and Convincing Phishing
  • Tracking Clicks
  • Secure Phishing Forms

Labs

  • Recon and Profiling
  • Tracking Clicks
  • SET Site Cloning
  • Data Logging

Section 2Defense in Depth

Section two dives into crafting effective payloads, covering evasion, risk reduction, and building believable snares. You will learn pretexting to boost success, then apply your skills in a Capture-the-Human exercise, finishing with key “dos” and “don’ts” for successful social engineering engagements.

Topics covered

  • USB and Media Drops
  • Building a Payload
  • Successful Pretexting
  • Tailgating and Physical Access
  • Social Engineering Reports

Labs

  • PowerShell Payloads
  • Roll Your Own Payload
  • Pretty Payloads
  • Pretexting
  • Capture the Human

Things You Need To Know

Relevant Job Roles

Cyber Operations Planner (DCWF 332)

DoD 8140: Cyber Effects

Coordinates cyber operations plans, working with analysts and operators to support targeting and synchronization of actions in cyberspace.

Explore learning path

Course Schedule & Pricing

Looking for Group Purchasing Options?Contact Us
Filter by:
  • Location & instructor

    Chicago, IL, US & Virtual (live)

    Instructed by Dave Shackleford
    Date & Time
    Fetching schedule..View event details
    Course price
    $3,505 USD*Prices exclude applicable local taxes
    Registration Options
    In-PersonVirtual
  • Location & instructor

    Virtual (live)

    Instructed by James Leyte-Vidal
    Date & Time
    Fetching schedule..View event details
    Course price
    $3,505 USD*Prices exclude applicable local taxes
    Registration Options
    Virtual
  • Location & instructor

    Virtual (live)

    Instructed by James Leyte-Vidal
    Date & Time
    Fetching schedule..View event details
    Course price
    $3,505 USD*Prices exclude applicable local taxes
    Registration Options
    Virtual
Showing 3 of 3

Benefits of Learning with SANS

Instructor teaching to a class

Get feedback from the world’s best cybersecurity experts and instructors

OnDemand Mobile App

Choose how you want to learn - online, on demand, or at our live in-person training events

Resources

Get access to our range of industry-leading courses and resources