What You Will Learn
Social engineering is an amazingly effective technique that has one important advantage over many other attacks - it allows adversaries or testers to bypass many of the technological controls in an environment by enabling them to act as, or with the assistance of, a trusted insider.
Any organization that employs humans is subject to risk. Social engineering allows the adversary to achieve a foothold in environments where technical controls may have made gaining such a foothold very difficult. Successful social engineering utilizes psychological principles and technical techniques to measure your success, manage the associated risk, and prepare an organization for social engineering attacks.
SEC467: Social Engineering for Security Professionals provides the blend of knowledge required to add social engineering skills to your penetration testing portfolio. The course provides tools and techniques for testers to identify flaws in their environments that are vulnerable to social engineering attacks. Defenders taking this course will note common tools and techniques that will enable them to prepare responses and countermeasures within their organizations. SEC467 covers the principles of persuasion and the psychological foundations required to craft effective attacks. It then bolsters that information with numerous examples of what works, drawing on the experiences of both cyber criminals as well as the course authors. You will learn how to perform recon on targets using a wide variety of sites and tools, create and track phishing campaigns, and develop media payloads that effectively demonstrate compromise scenarios. You will also learn how to conduct pretexting exercises. We will wrap up the course with a fun Capture-the-Human exercise to put what you have learned into practice. This is the perfect course to open up new attack possibilities, better understand the human vulnerability in attacks, and practice snares that have proven themselves in tests time and time again.
You will learn:
- The psychological underpinnings of social engineering
- How to successfully execute your first social engineering test in your company or as a consultant
- Social engineering knowledge to develop new variations of attacks or increase your snare rate
- How to manage some of the ethical and risk challenges associated with social engineering engagements
- How to enhance other penetration testing disciplines by understanding human behavior and how to exploit it
You will receive with this course:
- Eight self-contained labs that you can run outside of class
- Windows and Linux VMs
- Sample documentation and templates
Syllabus (12 CPEs)
Section one of the course introduces you to key social engineering concepts, the goals of social engineering, and a myriad of reconnaissance tools to help prepare you for successful campaigns. We complete the section with exercises centered around the most popular and scalable form of social engineering: phishing. Each exercise includes how to execute the attack, what works and what doesn't, and how to report on the attack to help the organization improve its defenses.
- Recon and Profiling: Applying the tools
- Tracking Clicks: Measuring your social engineering success
- SET Site Cloning: Building a believable phishing site
- Data Logging: Building more advanced credential and data theft portals
- Psychology of Social Engineering
- Targeting and Recon
- Secure and Convincing Phishing
- Tracking Clicks
- Secure Phishing Forms
Section two builds on the principles covered in the previous section to focus heavily on payloads for your social engineering engagements. We will cover how to avoid detection, limit the risk of your payloads causing issues, and build a bespoke payload that works and looks the part of your selected snare. We will then introduce another powerful skill with pretexting and cover how it can be combined to get payloads running. We end the section with a Capture-the-Human exercise in which students can apply their newly found skills and with a look at the top dos and donts in an engagement.
- PowerShell Payloads: Creating and deploying a PowerShell-based backdoor
- Roll Your Own Payload: Limit risk, avoid detection, and prove your penetration test
- Pretty Payloads: Making your payloads look the part
- Pretexting: Persuading your way to data
- Capture the Human: Blended social engineering challenge
- USB and Media Drops
- Building a Payload
- Clicks That Work
- Successful Pretexting
- Tailgating and Physical Access
- Social Engineering Reports
- Social Engineering: Where It All Fits
- Risky Business
SEC467 does not require existing penetration testing skills, but students who have those skills will be better able to apply the course material and enhance other penetration testing disciplines with their newly acquired knowledge.
Important! Bring your own system configured according to these instructions!
A properly configured system is required to fully participate in this course. If you do not carefully read and follow these instructions, you will likely leave the class unsatisfied because you will not be able to participate in hands-on exercises that are essential to this course. Therefore, we strongly urge you to arrive with a system meeting all the requirements specified for the course.
Some of the course exercises are based on Windows, while others focus on Linux. VMware Workstation is required for the class. If you plan to use a Macintosh, please make sure you bring VMware Fusion. Both Windows and Linux VMs are provided with the course, so you should not need to make any modifications to your host machine outside of installing VMware.
Host Operating System: Latest version of Windows 10, macOS 10.15.x or later, or Linux that also can install and run VMware virtualization products described below. Note: Apple systems using the M1 processor cannot perform the necessary virtualization at this time and cannot be used for this course.
System Hardware Requirements
Operating System: Windows, macOS, or Linux
Any operating system (Windows, macOS, or Linux) that can run VMware Workstation Player/Pro or VMware Fusion. Those who use a Linux host must be able to access the ExFAT partitions using the appropriate kernel or FUSE modules.
8 GB RAM Required
8 GB RAM is required for the best experience. To verify on Windows 10, press Windows key + I" to open Settings, then click System, then About. Your RAM information will be toward the bottom of the page. To verify on a Mac, click the Apple logo at the top left-hand corner of your display and then click About this Mac.
Hard Drive Free Space
60 GB of FREE space on the hard drive is critical to host the VMs and additional files we distribute. SSD drives are also highly recommended, as they allow virtual machines to run much faster than mechanical hard drives.
You will need a pair of headphones to listen, in the classroom, to the audio and video provided with this course.
Additional Software Requirements
Install VMware Player 15, VMware Fusion 11, or VMware Workstation 15. Older Versions will not work for this course. Choose the version compatible with your host OS. If you do not own a licensed copy of VMware Workstation or Fusion, you can download a free 30-day trial copy from VMware. VMware will send you a time-limited serial number if you register for the trial at their Web site. VMware Workstation Player is a free download that does not need a commercial license but has fewer features than Workstation. THIS IS CRITICAL: Other virtualization products, such as Hyper-V and VirtualBox, are not supported and will not work with the course material.
Some of the tools used in the course will require local admin access. This is absolutely required. If your company will not permit this access for the duration of the course, then you should make arrangements to bring a different system.
You will be required to disable your anti-virus tools temporarily for some exercises, so make sure you have the anti-virus administrator permissions to do so. DO NOT plan on just killing your anti-virus service or processes, because most anti-virus tools still function even when their associated services and processes have been terminated. For many enterprise-managed clients, disabling your anti-virus tool may require a different password than the Administrator account password. Please bring that administrator password for your anti-virus tool.
If you have additional questions about the laptop specifications, please contact email@example.com.
"Social engineering has always been a critical part of the cyber criminals toolkit and has been at the core of innumerable attacks over the years. Organizations are taking significant interest in social engineering as a part of penetration testing, yet many penetration testers do not have social engineering skills in their attack toolkit. We are passionate about changing that and opening up a new set of attack possibilities. That being said, this is an area filled with ethical challenges, risks, and even legal landmines. So weve done our best to share our experiences in the course in a way that enables people to reap the benefits of our experiences without enduring the pitfalls we have dealt with over the years." - Dave Shackleford and James Leyte-Vidal