Social Engineering: The Art of Human Hacking and over one million other books are available for Amazon Kindle. Learn more
Buy New
$23.33
Qty:1
  • List Price: $34.99
  • Save: $11.66 (33%)
FREE Shipping on orders over $35.
In Stock.
Ships from and sold by Amazon.com.
Gift-wrap available.
Sell yours for a Gift Card
We'll buy it for $4.59
Learn More
Trade in now
Have one to sell? Sell on Amazon
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

Social Engineering: The Art of Human Hacking Paperback – December 3, 2010

ISBN-13: 860-1300286532 ISBN-10: 0470639539 Edition: 1st

Buy New
Price: $23.33
48 New from $16.66 21 Used from $12.67
Amazon Price New from Used from
Kindle
"Please retry"
Paperback
"Please retry"
$23.33
$16.66 $12.67
Year-End%20Deals%20in%20Books

Frequently Bought Together

Social Engineering: The Art of Human Hacking + The Art of Deception: Controlling the Human Element of Security + Unmasking the Social Engineer: The Human Element of Security
Price for all three: $56.61

Buy the selected items together
If you buy a new print edition of this book (or purchased one in the past), you can buy the Kindle edition for only $2.99 (Save 85%). Print edition purchase must be sold by Amazon. Learn more.


Shop the new tech.book(store)
New! Introducing the tech.book(store), a hub for Software Developers and Architects, Networking Administrators, TPMs, and other technology professionals to find highly-rated and highly-relevant career resources. Shop books on programming and big data, or read this week's blog posts by authors and thought-leaders in the tech industry. > Shop now

Product Details

  • Paperback: 416 pages
  • Publisher: Wiley; 1 edition (December 3, 2010)
  • Language: English
  • ISBN-10: 0470639539
  • ISBN-13: 978-0470639535
  • Product Dimensions: 6.1 x 0.8 x 9 inches
  • Shipping Weight: 1.1 pounds (View shipping rates and policies)
  • Average Customer Review: 4.5 out of 5 stars  See all reviews (114 customer reviews)
  • Amazon Best Sellers Rank: #7,005 in Books (See Top 100 in Books)

Editorial Reviews

From the Inside Flap

Forward written by Paul Wilson from The Real Hustle UK. 
rpaulwilson.com/

From the Back Cover

"Chris Hadnagy has penned the ultimate text on social engineering. Meticulously researched and teeming with practical applications, this brilliant book offers solutions to very real problems and ever-present dangers to your business — and even to yourself. Truly groundbreaking."
Kevin Hogan, author of The Science of Influence: How to Get Anyone to Say "Yes" in 8 Minutes or Less

Discover the secrets of expert con men and human hackers

No matter how sophisticated your security equipment and procedures may be, their most easily exploitable aspect is, and has always been, the human infrastructure. The skilled, malicious social engineer is a weapon, nearly impossible to defend against.

This book covers, in detail, the world's first framework for social engineering. It defines, explains, and dissects each principle, then illustrates it with true stories and case studies from masters such as Kevin Mitnick, renowned author of The Art of Deception. You will discover just what it takes to excel as a social engineer. Then you will know your enemy.

Tour the Dark World of Social Engineering

  • Learn the psychological principles employed by social engineers and how they're used

  • Discover persuasion secrets that social engineers know well

  • See how the crafty crook takes advantage of cameras, GPS devices, and caller ID

  • Find out what information is, unbelievably, available online

  • Study real-world social engineering exploits step by step

"Most malware and client-side attacks have a social engineering component to deceive the user into letting the bad guys in. You can patch technical vulnerabilities as they evolve, but there is no patch for stupidity, or rather gullibility. Chris will show you how it's done by revealing the social engineering vectors used by today's intruders. His book will help you gain better insight on how to recognize these types of attacks."
Kevin Mitnick, Author, Speaker, and Consultant


More About the Author

Chris Hadnagy, aka loganWHD, has been involved with computers and technology for over 14 years. Presently his focus is on the "human" aspect of technology such as social engineering and physical security. Chris has spent time in providing training in many topics around the globe and also has had many articles published in local, national and international magazines and journals.

For more information see http://www.social-engineer.com

Chris is an student of Paul Ekman's training classes on Microexpressions and has spent time learning and educating others on the values of nonverbal communications. He has combined what he learned with years of experience in a new research he has called Neuro Linguistic Hacking(NLH) that combines nonverbal communications as well as the principles of the controversial study on NLP to influence other peoples emotions.

He is also the lead developer of Social-Engineer.Org as well as a the author of the best-selling book, Social Engineering: The Art of Human Hacking.

He has launched a line of professional social engineering training and pen testing services at Social-Engineer.Com. His goal is to help companies remain secure by educating them on the methods the "bad guys" use. Analyzing, studying, dissecting then performing the very same attacks used by malicious hackers on some of the most recent attacks (i.e. Sony, HB Gary, LockHeed Martin, etc), Chris is able to help companies stay educated and secure.

Chris runs one of the webs most successful security podcasts, The Social-Engineer.Org Podcast which spends time each monthly analyzing someone who has to use influence and persuasion in their daily lives. By dissecting what they do, we can learn how we can enhance our abilities. That same analysis runs over to the equally popular SEORG Newsletter. After two years, both of these have become a staple in most serious security practices and are used by Fortune 500 companies around the world to educate their staff. Chris can be found online at www.social-engineer.org, www.social-engineer.com and twitter as @humanhacker.

Customer Reviews

The book is very easy to understand, and it's easy to get into the details.
Mattias Borg
Security professionals: If you read only one book in 2011, make it Social Engineering: The Art of Human Hacking by Chris Hadnagy.
Ronald A. Woerner
Chris's book is a great way to understand the different methods and expand on them with real world examples.
Dave Kennedy (ReL1K)

Most Helpful Customer Reviews

29 of 32 people found the following review helpful By Dave on January 17, 2011
Format: Paperback Verified Purchase
This book is one of the best books I read in regards to (IT) security. I do absolutely recommend this book to any pentester, security officer or person interested in this very interesting aspect of security. Performing penetration tests and security audits myself I try to especially implement SE in tests and audits since it is the best way to find issues and the human factor is neglected in most of the tests and reviews.

There was no book like this book before dealing with Social Engineering. At best SE has been mentioned in a book about security and only a couple pages were dedicated to it. But nowadays SE is becoming more and more important to keep in mind. The times when attackers and pentesters could exploit weaknesses in applications and services without the need of user interaction are mostly over. Usually the user has to open a malicious file for example a PDF file. This book explains how this can be achieved and also what to keep in mind when preparing an awareness training.

Reading this book will teach you how SE attacks are being performed, the background and underlying principles of them as well how to detect and mitigate them.

Chris explains everything in a very good and understandable way giving a lot of examples and infos on where to start with further research on the explained techniques (e.g. NLP, microexpressions...).

It is definately a must have.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
63 of 76 people found the following review helpful By Ben Rothke on March 9, 2011
Format: Paperback
One can sum up all of Social Engineering: The Art of Human Hacking in two sentences from page 297, where author Christopher Hadnagy writes "tools are an important aspect of social engineering, but they do not make the social engineer. A tool alone is useless; but the knowledge of how to leverage and utilize that tool is invaluable". Far too many people think that information security and data protection is simply about running tools, without understanding how to use them. In this tremendous book, Hadnagy shows how crucial the human element is within information security.

With that, Social Engineering: The Art of Human Hacking is a fascinating and engrossing book on an important topic. The author takes the reader on a vast journey of the many aspects of social engineering. Since social engineering is such a people oriented topic, a large part of the book is dedicated to sociological and psychological topics. This is an important area, as far too many technology books focus on the hardware and software elements, completely ignoring the people element. The social engineer can then use that gap to their advantage.

By the time that you start chapter 2 on page 23, it is abundantly clear that the author knows what he is talking about. This is in stark contrast with How To Become The Worlds No. 1 Hacker, where that author uses plagiarism to try to weave a tale of being the world's greatest security expert. Here, Hadnagy uses his real knowledge and experience to take the reader on a long and engaging ride on the subject. Coming in at 9 chapters and 360 pages, the author brings an encyclopedic knowledge and dishes it out in every chapter.
Read more ›
4 Comments Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
124 of 154 people found the following review helpful By Brett A. Fishwild on May 1, 2011
Format: Paperback Verified Purchase
This book really isn't about computer safety, or about personal safety - it's just kind of all over. By page 40 I was skimming paragraphs, but page 100 I was skipping entire pages. This book is not written for people in the security field, nor is it really written for people who want to know more about their personal security. I think that if you know enough already to be aware of what social engineering is in the first place and have a decent understanding of personal computing safety - you already know what this book can give you. I would classify this book as a collegiate "survey 101" level textbook on communications - the book focuses on very general processes and only the last 60 pages discuss actual examples.

While deciding whether to buy this book or not, I joked with a friend that the fact that the first 28 people who reviewed it gave it 5 stars, was ITSELF an act of social engineering. I am not so sure that is a joke anymore. I've been buying books on Amazon for 12 some years now, and I don't think I've seen a book get that many fanatically raving reviews right off the bat. Looking back again at all those reviews, I guess perhaps if you know absolutely nothing at all about email scams and personal security, and happen to also be a CEO, then this book would be worth reading.

The foreword and first 10 pages talk about what will be in the book. This is a common format, but that's an awful lot of pages wasted on material that is literally repeated again later in the book. And then up front we see material on The Nigerian Scam. If you are a security professional or a CEO, or anyone really - and have fallen prey to this or don't know what it is, seriously, you've got bigger problems to deal with.
Read more ›
9 Comments Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
27 of 33 people found the following review helpful By Ronald A. Woerner on January 10, 2011
Format: Paperback
Finally, we have a book on hacking humans that contains details of psychology and human factors related to security. There is no other book like it. For that reason, it's a must read for all security professionals.
Humans are and always will be the weakest security link. PERIOD. Up to now, there hasn't been a comprehensive book on (1) how to orchestrate a Social Engineering campaign; (2) how to prevent a Social Engineer from breaching your defenses; and (3) psychological principals of how humans think and operate. This book has all three. It includes the details necessary to fully understand critical concepts for Social Engineering such as pretexting, elicitation, and influence, which provides a great framework on how to manipulate humans to take the actions you want. I've found that many computer security professionals aren't fluent in human factors. By reading this book, they will glean that knowledge.
BUT WAIT, THERE'S MORE, Chris also includes case studies to see the principles in action. These studies from Chris' experience as a professional Social Engineer round out this outstanding book.
Security professionals: If you read only one book in 2011, make it Social Engineering: The Art of Human Hacking by Chris Hadnagy.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Most Recent Customer Reviews