Developing SE skills

[Hacker]

Amigos, I have already read many topics and articles in various forums dedicated to SI and none of them turned out to be exhaustive. This is because this discipline cannot be simply taken and learned and become a guru. This needs to be learned constantly. Teaching ALWAYS consists of studying theory as well as PERMANENT practice.

Foreword
There is little literature on Social Engineering (SE) as such. There are no such tutorials. Moreover, we are interested in this term mainly from the side of information security. And this area was formed relatively recently and is based on the knowledge of applied social sciences, simply, the sciences that study human behavior.
But we need SPECIFIC guidance! So, I will upset you, there is no such guide! But, nevertheless, you still, with the proper approach and perseverance, will be able to achieve a certain level of mastery in SI.
As I wrote above, for this we need theory and practice!

Literature:

1. Timur Garin - "NLP Speech Strategies"
There are many books in this area, but this author is closer to me because of the trust in his personal developments and models in this and related areas (by the way, the bonus will be that this material is also available in mp3, in the form of a seminar). Highly recommend!

2. Timur Garin and Svetlana Borodina - "Exposing magic, or charlotan's handbook"
The book is so lively that you read it exclusively with a smile on your face, especially when you remember and / or notice the situations in your life described in the book.

3. Robert Diels - "Tricks of the tongue"
A bit difficult reading for a beginner, but mixed with other material, quite readable. Much of the book is based on synopsis of belief change seminars. This is, one might say, a classic.

4. Anvar Bakirov - "Conversational hypnosis" .
Ideal for a beginner communicator. Verified personally. The book is written with humor. There are many examples, even in the form of anecdotes. Recommend.

5. Andrey Kurpatov - "Unreasonable Man"
I read this book twice. A book about the mechanisms of the brain. The book is based on the discoveries of famous Russian scientists in the field of human behavior. This can be said to be the basis of the basics.

6. Anvar Bankers - "NLP. Roles that people play"
Another book by this author. It is about people who know how to inspire confidence. Actually, this is what we want to learn.

7. Maxim Kuznetsov and Igor Simdyanov - "Social Engineering and Social Hackers"
There are a lot of articles and sites with a link to this book. I could not pass by!

8. Frank William Abagnale - "Catch Me If You Can"
This book needs no comments. A biography book about clever methods of highly professional fraud. This author is in the same pantheon with the equally famous classic of the genre Kevin Mitnick (we will return to him later). Based on this book, Spielberg directed the film of the same name with Leo DiCaprio. A must-read!

8. Paul Ekman - "The Psychology of Lies"
This work is based on research on human non-verbal behavior. The book pays special attention to the recognition of human emotional states. But what about without it? This is one of the keys to accessing a person's trust.

9. Kevin Mitnick and William Simon - "The Art of Deception"
Actually, this and the next book needs no comments. I will not copy the text from Wikipedia. I will say that it tells about human vulnerability in the modern world. Especially in a world with advanced communications.

10. Kevin Mitnick - "Ghost on the Net. Memoirs of the Greatest Hacker"

11. Robert Cialdini - "The Psychology of Influence"
The book is about the influence of people on each other. Interesting thing! Based on social psychology.

12. Daniel Kahneman - Think Slow ... Decide Fast
A very useful book for manipulating feelings. Although it was not written for this.

13. Sergey Kara-Murza - "Manipulation of Consciousness"
The book reveals the mechanisms of social engineering on the example of the history of the Russian state. SI has always existed, only the name was invented recently. The book contains many examples of the control of human thinking at the state level.

14. Olivia Fox Cabain - "Charisma. How to Influence, Persuade and Inspire"
The author of this book argues that charisma is a trainable quality, not a gift. A useful book for power over other people's opinions.

15. Sergey Pavlovich - "How I Stole a Million. Confessions of a Repentant Carder"
The book consists of 63 chapters. Half of the chapters describe the carefree everyday life of a carder: cutting plastic, gutting ATMs, expensive booze, whores. The second half: how sad it is in the pre-trial detention center, how cold it is in the kiche in winter, how I want to see my family and my friend. In short, to think before going down this path!

16. David Myers - "Social Psychology"
It is read in one breath, despite the fact that it is written in a scientific style. Literally every page is interesting. And on each page you can cite dozens of examples from your own or someone else's life from books and films.

Films:

1. Cyber (trailer)

2. "Who am I"

3. "Catch Me If You Can" (trailer)

4. "Genius"

5. "They smoke here" (trailer)

https://www.youtube.com/channel/UCABL0bTR9G8OWgiqOrzEuqg?feature=emb_ch_name_ex

6. "Password Swordfish" (trailer)

7. "Discovery Hackers"

Useful links:
Social Engineering in Practice: "Physical Access" to Kevin Mitnick's Private Conference
The secret weapon of social engineering
Books by Chris Kaspersky (not to be confused with the creator of the famous software)
Social engineering: an educational program about an attack method that never gets old
How Scammers Deceive Us - BBC Russian Service
Home - ruonion.com - Social engineering and its main methods.
Social Engineering and Thinking Traps: How to Hack the Brain
Social engineering. What? How? Why?

 

[Jollier]

SE pumping
Amigos, I think you've often seen diagrams where such items as "SE", "SE 4 of 10 skills are needed", etc. are mentioned. But few people think and tried to understand what it is and what it is eaten with. How can you even tell what SE level you have? This is a purely subjective thing that depends on a person's abilities. And they, as a rule, are different for everyone.

There is a concept - social engineering. What is it all about, in plain language?
This is the skill with which you can achieve your goals using dialogue and some manipulation. The goals may be different: the extraction of docks from a person, the conclusion of a mammoth for profit, a divorce of a drocher to buy something, etc.

But how do you develop these skills?
Young people often write: "What level of SE do I need for this topic?" Uncle, well, for starters, I don't know what you are capable of. Take, for example, the immortal drocher theme. Someone manages to make several thousand rubles a day on them, while someone, having all the tools and instructions, earns nothing.

By my own example, I can say that I have not read any books on psychology and social engineering. I started from what I do and what I do. Let's take the good old school kids' scam on accounts on Steam, Origin, etc. There is a task: to sell air. You don't actually have an account, do you? But you need to show, prove and tell that he really is. Make him believe it. If your page name is Petya Petrov, then find a Steam account with the login petya2008. Better yet, if the name "Peter" or "Peter" is indicated in the account profile. Do you understand the trick? Mammoths look at such small details.

Or another example. Jerkers. I already wrote more than one manual on this topic. And I repeat everywhere, stick to the legend. The legend of the character, in your case, this is some kind of madam, one of the most important components. If you are a 35-year-old woman with a child, then show this not only in the photo, but also in dialogue with the mammoth. Write that you need to leave to feed the child, that you need to help do your homework. Accompany all this with appropriate photos, for example, a photo of hands with a notebook or diary. The Internet is full of such live photos.

How to develop skills? Practice, practice and more practice. Get yourself several characters: Petya is a schoolboy, a nerd, Masha is a divorced woman who loves her son, Dmitry is a professional capper, Elizaveta is a flirty student with no money. And just talk to people. Observe their reactions to your actions. Sooner or later, you will hone your skills.

Difficult online? Try it in life. Make your way to the doctor through the line of 20 people. Anyway, make your way through any queue, try it. Find an approach, find loopholes.
Also, communicate more often with various technical staff. support. Whether it's AliExpress employees when you refund. Or Delivery Club employees when you want to get a refund for poor quality food.
A lot of text and water, but I tried to convey some truths to you. In short: enough theory - closer to practice. There are no levels, only skill and difficulty.

 

[Father]

Top 10 books about Social Engineering

1. The Art of Deception by K. D. Mitnick and William L. Simon
The Art of Deception proves just how vulnerable we all are. In the modern world, where security sometimes comes to the fore, huge amounts of money are spent on protecting computer networks and information. Money is spent on security technologies. This book explains how easy it is to outsmart all the defenders and bypass the technological defenses, how social engineers work and how to repel an attack from their side Kevin Mitnick and his co-author, Bill Simon tell many stories that reveal the secrets of social engineering.

2. The art of invasion. Kevin D. Mitnick, William L. Simon.
The stories in this book demonstrate how insecure all computer systems are, and how vulnerable we are to such attacks. The lesson of these stories is that hackers find more and more vulnerabilities every day. As you read this book, think not about how to learn about specific device vulnerabilities, but about how to change your approach to security and gain new experience.

3. Social engineering and social hackers. Maxim Kuznetsov, Igor Simdyanov
This technique, when a hacker attacks not a computer, but a person working with a computer, is called social engineering. Social hackers are people who know how to "hack a person" by programming them to perform the necessary actions.
The book describes the arsenal of basic tools of a modern social hacker (transactional analysis, neuro-linguistic programming), examines and analyzes in detail numerous examples of social programming (the science that studies programming human behavior) and ways to protect against social hacking. The book will be useful for IT professionals, enterprise security personnel, psychologists studying social engineering and social programming, and PC users, as they are often chosen by social hackers as the most convenient targets.

4. Games that people play. Eric Byrne.
This book, which has successfully passed many reprints and has been published in millions of copies in many languages, is dedicated to teaching the reader to professionally analyze the nuances of their communication, as well as to help get rid of many behavioral stereotypes and complexes that interfere with everyday life. Initially, this work was conceived as an advanced textbook of psychoanalysis, but in the end the author managed to present it in a simple and accessible language using bright and witty images.

5. Ghost on the Web. Memoirs of the Greatest Hacker Kevin Mitnick, William Simon
Kevin Mitnick is considered the most elusive master computer hacker in history. He penetrated the networks and computers of the world's largest companies, and no matter how quickly the authorities caught on, Mitnick was faster, whirling through telephone switches, computer systems, and cellular networks. He had spent years scouring cyberspace, always three steps ahead of his pursuers, and had earned a reputation for being unstoppable.

6. "The Psychology of Influence" by Robert Cialdini
The book by Robert Cialdini, a recognized master of influence and persuasion, has gone through five editions in the United States, its circulation has long exceeded one and a half million copies. It is addressed to all those who work with people: politicians and businessmen, doctors and lawyers, psychologists, teachers, managers, and those who, by the nature of their activity, must persuade, influence, and exert influence.

7. "Creativity: The Flow and Psychology of Discovery and Invention", Mihai Csikszentmihalyi
A creative person - what is special about him? And why does creativity make everyone's life richer and happier? Talented artists, musicians, writers, scientists, leaders of major corporations-the fate of 90 greatest people of the XX century was studied by Professor Mihai Csikszentmihalyi.

8. "Understanding Human Nature", Alfred Adler
The purpose of the book is to show how one person's wrong course of behavior creates disharmony in our social life, teach people to recognize their mistakes and, finally, show how to adapt harmoniously to the social environment.

9. "Psychology of lies. Deceive me if you Can", Paul Ekman
Is it true that a modern person on average lies three times in ten minutes of conversation? How to respond to the fact that lies have penetrated all spheres of human life? What should I do if I can't detect lies based on my words and voice? Paul Ekman's book provides comprehensive answers to these questions.

10. Gavin de Becker. "The Gift of Fear: Secret Survival Signals that Protect Us from Violence".
The book " The Gift of Fear. Secret Survival Signals that Protect us from Violence " by Gavin de Becker, which became a bestseller in the United States, was also published in Russian not so long ago.