Social Engineering Part 2 ?? Hopefully?Social Engineering and Manipulation Course

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATION
Already a Member Login Here

Home Forums Courses Social Engineering and Manipulation Course Social Engineering Part 2 ?? Hopefully?

This topic contains 18 replies, has 12 voices, and was last updated by  mdoering 2 years, 10 months ago.

Viewing 19 posts - 1 through 19 (of 19 total)
  • Author
    Posts
  • #27141

    OPsecJ
    Participant

    Great intro social engineering class (your time is much appreciated).

    Any plans (#cybrary) for making additional classes in social engineering? It would be great to have a verbal social engineering class, as that is a threat many overlook. To learn this topic, it needs to be taught, as a lot of it goes against basic human interaction/reaction. This potential class would also be good for physical building security.

    #FreeKevin

    #27164

    Terumo
    Participant

    Although I agree that Social Engineering class would be good for physical security, I can tell you that there are very few places that implement it, or even care about it…
    Very few companies give a damn about the security personnel training (most companies are hired based on the price, not the quality), and lots of security personnel don’t give a damn themselves. Most companies avoid spending more on security, and it’s why most buildings security is a joke.
    So places (rare) implement professional training, like the example of airport security taking classes with the trainers and software design by Dr. Paul Ekman (for security and law enforcement only), to help detect malicious behaviors. This type of training is very expensive, time consuming, and most people that learn end up thinking: “this is good, but will be rarely used”.
    Most social engineering training is a thing most security personnel doesn’t believe. Most of them think “I’m too smart to fall for this or that…”, and since they don’t believe that could happen, they just ignore it. This is the sad reality.
    (I know this because I work in private security for 7 years now, and I saw lots of that)

    If you like this area, specially becoming “anti-social engineering”, I recommend you take a look at the work of Dr. Paul Ekman, that analyzes facial expressions (especially micro facial expressions) to detect potential malicious behaviors.

    #27169

    Chambo
    Participant

    Dr Ekman’s work is very interesting indeed, and he is reportedly credited for inspiring the TV Show ‘Lie to Me’.
    https://en.wikipedia.org/wiki/Lie_to_Me

    For any that haven’t seen this (cancelled) show, it’s worth catching some episodes 🙂

    http://www.tv.com/shows/lie-to-me/
    http://www.imdb.com/title/tt1235099/

    #27174

    Terumo
    Participant

    The series is good, and if you can manage, I really recommend you try both programs they use: METT and SETT (sometimes can be found online). Both are great in teaching and training.

    #27229

    Anonymous

    @terumo – Ekman’s research is around NLP (nuero lingustic programming), correct? Too tired to google roght now 😉

    #27255

    Terumo
    Participant

    Yes and no… Dr. Paul Ekman work is based on human facial expressions, especially micro expressions (that occur in a fraction of a second), and that is only a part of NLP. NLP studies the whole body and its reactions.

    #27267

    Chambo
    Participant

    @terumo – thanks I’ll check into both METT and SETT. As former law enforcement, Social Engineering in all its forms has long fascinated me 🙂

    #27987

    OPsecJ
    Participant

    ^most of time its the first step of the attacker. If you move slow enough and stealthy enough, the enumeration goes unnoticed. If you don’t believe me, ask a cat. Its great to watch the pros because it really opens your eyes to exploits the untrained eye would/could never see coming. My favorite is Apollo Robbins

    https://www.youtube.com/results?search_query=apollo+robbins

    #28059

    cisatrainee1
    Participant

    It is a great course, just finished it today in my off time…..looking forward to part 2…..

    #28655

    nipun
    Participant

    will checkit out soon

    #29103

    invivo
    Participant

    Definetly a great course, and would love a reload!

    #29360

    OPsecJ
    Participant

    Ya, cybrary is really doing a great job with their content

    #31610

    MeRLiN
    Participant

    I agree, it was a great course. The only thing I would change is to see some real world examples or anecdotes but I realize that can be rather hard and have its own set of issues.

    #35096

    OPsecJ
    Participant
    #37363

    OPsecJ
    Participant

    …found another related vid:

    Advanced Exploitation (part 4) Social Engineering
    https://www.cybrary.it/video/advanced-exploitation-part-4/

    #38493

    UGAfraz
    Participant

    Thanks

    #41563

    dekr4ken
    Participant

    i tried some of the tactics on our own company’s helpdesk, and they worked. brilliant ! People do give out their credentials too when you take an authoritative role on. couldnt believe.

    #45564

    Zachery Smith
    Participant

    I really enjoyed this course @polymath! Thanks so much and I hope that you decide to do a follow up!

    #60047

    mdoering
    Participant

    I too really enjoyed this course. I do PCI assessments and overall IT Security as well as ITGC audits and frequently use social engineering in my work. I hadn’t heard of some of the tools discussed but they will certainly help for building a targeted library of knowledge to use in engagements.

    I too hope to see a continuation of this program and would be willing to share some experiences as case studies in the techniques, effectiveness, and potential impact of exploitation.

Viewing 19 posts - 1 through 19 (of 19 total)

You must be logged in to reply to this topic.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel