

Ask HN: Resources on social engineering - swombat

Social engineering is of obvious interest to startups. Whether it's to get that contact with the CEO of a potential partner, or to get through to the sales manager who can give you a discount on your hosting plan, or even just to get past a gatekeeper and turn that lead into a sale, being able to work your way through the social network at another company is extremely useful.<p>What are some great resources (books, blogs, movies, or others) that you've found, on or off the web, that taught you to be a better social engineer?
======
iamelgringo
Social engineering is a well established industry and art. It just generally
falls under the categories of "Sales and Marketing". See also "How to win
friends and influence people" by Dale Carnegie.

------
whatusername
So on the technical side of an SE attack there's SET (the Social Engineering
Toolkit): [http://www.social-
engineer.org/framework/Computer_Based_Soci...](http://www.social-
engineer.org/framework/Computer_Based_Social_Engineering_Tools:_Social_Engineer_Toolkit_%28SET%29)

And then I guess the rest of the resources on <http://www.social-engineer.org>

iamelgringo's suggestion of "How to win friends and influence people" is
worthwhile if you've never read it.

------
lincolnq
The Art of Deception by Kevin Mitnick is a fun read. It's more about how to
defend against social engineering, but you can take it from the other side
too. :)

------
shorbaji
Bruce Schneier's blog could be an interesting read.

He talks about social engineering as a form of security attack but much of the
examples he may provide are relevant.

[http://www.google.com/search?domains=www.schneier.com&si...](http://www.google.com/search?domains=www.schneier.com&sitesearch=www.schneier.com&q=social+engineering&hq=inurl:www.schneier.com)

------
x0ner
I have found psychology books to be rather interesting in understanding social
engineering.

[http://www.amazon.com/Mistakes-Were-Made-But-
Not/dp/01510109...](http://www.amazon.com/Mistakes-Were-Made-But-
Not/dp/0151010986) [http://www.amazon.com/Lucifer-Effect-Understanding-Good-
Peop...](http://www.amazon.com/Lucifer-Effect-Understanding-Good-
People/dp/0812974441/ref=sr_1_1?s=books&ie=UTF8&qid=1292261334&sr=1-1)

..You get the idea.

------
binarymax
<http://labmice.techtarget.com/security/socialengineering.htm>

------
jeremyjarvis
<http://news.ycombinator.com/item?id=1995394>

------
shortlived
2600.com

------
zackattack
<http://www.ZacharyBurt.com>

~~~
zackattack
Read through my list of articles and tell me to my face that my blog isn't an
excellent resource for this. smh

