Learn Social Engineering From Scratch

Learn Social Engineering From Scratch

by Zaid Sabih
Released April 2018
Publisher(s): Packt Publishing
ISBN: 9781789341584

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Video description

Welcome to this comprehensive course on social engineering! In this course, you will start as a beginner with no previous knowledge about penetration testing or hacking, we will start with the basics of social engineering, and by end of it you'll be at an advanced level being able to hack into all major operating systems (Windows, OS X, and Linux), generate different types of trojans, and deliver them using smart social engineering techniques. This course is focused on the practical side of penetration testing without neglecting the theory. Before jumping into penetration testing, you will first learn how to set up a lab and install needed software to practice penetration testing safely on your own machine. Finally, at the end of the course, you will learn how to protect yourself and your systems from these attacks. All the attacks in this course are practical attacks that work against real computers. In each technique you will understand the theory behind it and how it works, then you'll learn how to use that technique in a real-life scenario, so by the end of the course you'll be able to modify these techniques or combine them to come up with more powerful attacks and adapt them to different scenarios and different operating systems.

What You Will Learn

  • Learn about hacking and social engineering and how it can be useful as well as why it is so dangerous
  • Learn about the different fields of ethical hacking; install Kali Linux - a penetration testing operating system
  • Install Windows and vulnerable operating systems as virtual machines for testing
  • Learn Linux basics; learn Linux commands and how to interact with the terminal
  • Gather important information about your target whether it is a company, website, or a person
  • Discover websites, companies, people, emails and social networking accounts associated with a person or a company
  • Build attack strategies based on the gathered info; generate undetectable backdoors for Windows, Mac OS and Linux
  • Generate Trojans to steal all the passwords from a target computer and report the results by email
  • Generate a remote keylogger that logs every key strike entered on a target computer and sends reports by email, and much more!

Audience

People who want to learn ethical hacking/social engineering. People who want to learn how hackers hack into secure systems that do not have any vulnerability. Anybody who wants to learn how to secure their systems from social engineering attacks

About The Author

Zaid Sabih: Zaid Sabih is an ethical hacker, a computer scientist, and the founder and CTO of zSecurity. He has valuable experience in ethical hacking—he started working as a pentester with iSecurity. In 2013, he started teaching his first network hacking course—which received amazing feedback—leading him to publish a number of online ethical hacking courses, each focusing on a specific topic, all of which are dominating ethical hacking. Now, Zaid has more than 300,000 students worldwide.

Table of contents

  1. Chapter 1 : What Is Social Engineering
    1. What Is Social Engineering
    2. Teaser - Hacking an Android Phone Accessing the Camera
    3. Course Overview
  2. Chapter 2 : Preparation - Creating a Penetration Testing Lab
    1. Lab Overview Needed Software
    2. Installing Kali 2018 as a Virtual Machine Using a Ready Image
    3. Installing Windows as a Virtual Machine
    4. Installing Ubuntu as a Virtual Machine
  3. Chapter 3 : Preparation - Linux Basics
    1. Basic Overview of Kali Linux
    2. The Linux Terminal Basic Linux Commands
    3. Creating Using Snapshots
    4. Updating Sources Installing Programs
  4. Chapter 4 : Information Gathering
    1. Introduction
  5. Chapter 5 : Information Gathering - Gathering Info about a Company/Website
    1. Maltego Overview
    2. Discovering Domain Info Emails Associated With Target
    3. Discovering Information about Hosting Company, Support Team Emails Admin Email
    4. Discovering Files, Links, Websites Other Companies Related To Target
    5. Using the Gathered Info to Build an Attack Strategy
  6. Chapter 6 : Information Gathering - Gathering Info about a Person
    1. Discovering Websites, Links Social Networking Accounts
    2. Discovering Twitter Friends Associated Accounts
    3. Discovering Emails of the Target's Friends
    4. Analyzing the Gathered Info Building an Attack Strategy
  7. Chapter 7 : Windows Evil Files
    1. Introduction
  8. Chapter 8 : Windows Evil Files - Generating Undetectable Backdoors
    1. Installing Veil 3.0
    2. Veil Overview Payloads Basics
    3. Generating an Undetectable Backdoor Using Veil 3
    4. Listening For Incoming Connections
    5. Hacking a Windows 10 Machine Using the Generated Backdoor
    6. Installing the Fat Rat
    7. Generating an Undetectable Backdoor Using TheFatRat
    8. Installing Empire
    9. Creating an Empire Listener
    10. Creating a Windows Powershell Stager Hacking Windows 10
    11. Modifying Backdoor Source to Bypass All Anti-virus Programs
  9. Chapter 9 : Windows Evil Files – Spying
    1. What Is A Keylogger?
    2. Creating a Remote Keylogger
    3. Using a Remote Keylogger To Capture Key Strikes Including Passwords
    4. Password Recovery Basics
    5. Recovering Saved Passwords from Local Machine
    6. Recovering Saved Passwords from a Remote Machine
  10. Chapter 10 : Windows Evil Files - Enhancing Evil Files
    1. Bypassing All Anti-Virus Programs By Modifying Hex Vales
    2. Creating the Perfect Spying Tool
  11. Chapter 11 : Windows Evil Files - Converting Evil File To A Trojan
    1. Embedding Evil Files with Any File Type like An Image or PDF
    2. Download Execute Payload
    3. Running Evil Files Silently In the Background
    4. Changing Trojan's Icon
    5. Spoofing File Extension from .exe to anything else (pdf, png ..etc)
    6. Download Execute Payload (Method 2)
    7. Embedding Evil Files with Any File Type like An Image or PDF (Method 2)
    8. Embedding backdoor In a Legitimate Microsoft Office Document
    9. Embedding Any Evil File in a Legitimate Microsoft Office Document
  12. Chapter 12 : Mac OS X Evil Files
    1. Introduction
    2. Hacking Mac OS X Using A Meterpreter Backdoor
    3. Hacking Mac OS X Using an Empire Stager
    4. Converting Basic Backdoor To an Executable
    5. Embedding a Normal File With Backdoor
    6. Download Execute Payload
    7. Changing Trojan's Icon
    8. Configuring the Trojan to Run Silently
    9. Embedding Backdoor In a Legitimate Microsoft Office Document
  13. Chapter 13 : Linux Evil Files
    1. Hacking Into Linux-Like Systems Using One Command
    2. More Advanced Linux Backdoor
    3. Generating A Persistent Remote Keylogger
    4. Using a Remote Keylogger to Capture Key Strikes Including Passwords
    5. Recovering Saved Passwords from a Local Machine
    6. Execute Report Payload
    7. Recovering Saved Passwords from a Remote Machine
    8. Embedding Evil Code in a Legitimate Linux Package - Part 1
    9. Embedding Evil Code in a Legitimate Linux Package - Part 2
    10. Backdooring a Legitimate Android Ap
  14. Chapter 14 : Delivery Methods
    1. Introduction
    2. Preparing Evil Files to Be Delivered Via A URL
    3. Email Spoofing - Send Emails as Any Email Account
    4. Hacking OS X Linux Using Pure Social Engineering without Sending Any Files
    5. Creating a Replica of Any Website / Login Page
    6. Stealing Login Info Using Fake a Login Page
    7. BeEF Overview Basic Hook Method
    8. Injecting BeEF's Hook in Any Webpage
    9. Luring Target into Accessing Evil URL without Direct Interaction
    10. Basic BeEF Commands
    11. Stealing Credentials/Passwords Using a Fake Login Prompt
    12. Hacking Windows 10 Using a Fake Update
    13. Hacking Mac OS X Using A Fake Update
    14. Hacking Linux Using a Fake Update
  15. Chapter 15 : Using the Above Attacks outside the Local Network
    1. Overview of the Setup
    2. Ex1 - Generating a Backdoor That Works Outside the Network
    3. Configuring the Router to Forward Connections to Kali
    4. Ex2 - Using BeEF outside the NetwoRK
  16. Chapter 16 : Post Exploitation
    1. Introduction
    2. Upgrading Basic Shell Access to a Meterpreter/Empire Access
  17. Chapter 17 : Post Exploitation – Meterpreter
    1. Meterpreter Basics
    2. File System Commands
    3. Maintaining Access Basic Methods
    4. Maintaining Access - Using a Reliable undetectable Method
    5. Spying - Capturing Key Strikes Taking Screen Shots
    6. Pivoting - Theory (What is pivoting?)
    7. Pivoting - Exploiting Devices on the Same Network as the Target Computer
    8. Controlling Android Phone Accessing Mic, Camera, Messages, File System More
    9. Maintaining Access on OS X
  18. Chapter 18 : Post Exploitation – Empire
    1. Basics of Empire Agents
    2. File System Commands
    3. Upload Execute Shell Commands
    4. Injecting Backdoor Process in System Processes
    5. Stealing root Password Escalating Privileges on OS X
    6. Maintaining Access on OS X
  19. Chapter 19 : Security
    1. Detecting Fake/Spoofed Emails
    2. How to Protect Against BeEF Other Browser Exploits
    3. Detecting Trojans Manually
    4. Detecting Trojans Using a Sandbox

Product information

  • Title: Learn Social Engineering From Scratch
  • Author(s): Zaid Sabih
  • Release date: April 2018
  • Publisher(s): Packt Publishing
  • ISBN: 9781789341584