Existe amplia información sobre Ingeniería Social en internet y otros medios (Description in English below).
Lo que diferencia este libro de la literatura existente es específicamente la descripción de las prácticas y herramientas que específicamente el punto de partida para quien se inicie en esta disciplina.
Aquí se describen todo tipo de técnicas, físicas y lógicas, para perpetrar ataques específicos en Ingeniería Social: suplantación de identidad, obtención de información a través de fuentes abiertas (OSINT), técnicas de manipulación de personas, operaciones psicológicas (PSYOPS), métodos de suplantación, detección de mentiras, programación neurolingüística (PNL), lockpicking, etc.
Description in English:Currently, the market has a wide range of systems, products and services focused on computer security: antivirus, firewalls, IDS, WAF, etc. All these measures are indispensable and have become a priority for any company or organization in order to secure their assets, but Social Engineering relates to the advantage that techniques can be used as an attempt against the vulnerabilities inherent to human beings, and as is well known, there is no patch or update that offers effective protection against this type of attack.
What firewall could be installed in a human brain? With what rules would you configure it? Why use complex systems in developing hacking techniques when a phone call could provide us with an administrator password?
This is one of the techniques that can be followed by a hacking specialist through Social Engineering, who will surely not waste time investigating complex attack vectors, exploits or Zero Day vulnerabilities if a friendly receptionist can be easily convinced to insert an infected USB into a company PC, or for a saturated telephone operator of a telecommunications company to provide personal details of a subscriber.
There is a lot of information about Social Engineering in different books and on the Internet. The differentiating element of this book is the importance given to the practices and tools that someone starting out in this discipline should know as a starting point. Throughout this book, all kinds of techniques, physical and logical, to perpetrate attacks based on Social Engineering will be described: phishing, obtaining information through open sources (OSINT), techniques of manipulation of people, psychological operations (PSYOPS ), impersonation methods, lie detection, neurolinguistic programming (NLP), lockpicking, etc.
#coleccionesabg #it # computación #Hacking