Course: Introduction to Social Engineering Testing

Learn the tools and techniques used by professionals in social engineering tests.

Want to perform a social engineering test but don’t know where to start? Social engineering tests can identify weaknesses in your organisation, and can even improve security awareness. Learn how ethical social engineering tests are performed using proven techniques and a repeatable methodology in our afternoon workshop, Introduction to social engineering testing.


Book online to attend on 23 April 2013 at Infosec


To attend this course at Infosecurity Europe book here www.infosec.co.uk/firstdefence


Course summary


This half day course provides an introduction to social engineering testing. Social engineering tests can be used to evaluate and strengthen your organisation’s defence against social engineering.

Like any security test, social engineering tests can help to identify security weaknesses that could allow your resources to be compromised. Such tests can:


  • Give a good indication of and even improve your staff’s level of security awareness

  • Teach your staff how to identify and deal with social engineering situations

  • Provide valuable recommendations on both security awareness and physical security


The objective of this course is to give participants an overview of how to conduct an ethical social engineering test based on a repeatable social engineering test methodology.

Participants who wish to get a higher level overview of social engineering may choose to combine this course with our morning workshop, “Introduction to Social Engineering Awareness and Defence”.


Who should attend?


Anyone with an interest in learning how to conduct or manage a social engineering attack of their organisation. In particular, security and compliance managers or practitioners who want to assess and improve the security awareness culture within their organisation.



Course content

- The social engineering testing methodology overview


This unit will provide an overview of a repeatable, ethical social engineering testing methodology.

- Pre-test requirements


This unit will outline the pre-test requirements that need to be in place before attempting a social engineering test, including the ‘get out of jail free’ card and other legal requirements.

- Reconnaissance


Reconnaissance accounts for most of the time spent on any social engineering assignment. This unit will look at techniques for performing both passive and physical reconnaissance.

- Scenario creation


This unit will provide hints and tips for creating realistic scenarios to use for social engineering assignments and will provide examples of scenarios that have been successful in the past.

- Attack execution


This unit will focus on the social engineering attack execution, what to do once you have obtained physical access to a building, evidence collection and how to exit smoothly.

- Social engineering tools


This unit will describe the tools that social engineers use, both from a software and hardware perspective.

- How to write a social engineering report


Writing a report on your social engineering activities is not as straightforward as it seems. This unit will analyse different reporting styles for social engineering tests as well as providing suggestions for what should or shouldn’t go in the report.

- Case study


The case study is an interactive exercise that will encourage participants to think through a social engineering test that has previously been undertaken by the course leaders. We will examine the test requirements, evaluate possible scenarios we could use and finally demonstrate the actual scenarios used during the test and their outcome.