Social engineering is the art of convincing people to reveal confidential information. Social engineers depend on the fact that people are aware of valuable information and are not usually diligent in protecting it.
Objective
The objective of this lab is to:
- Protect the network from phishing attacks
- A computer running Kali Linux operating System
- A web browser with Internet access
Scenario
Social engineering is essentially the art of gaining access to buildings, systems, or data by exploiting human psychology, rather than by breaking in or using technical hacking techniques. The term social engineering can also mean an attempt to gain access to information, primarily through misrepresentation, and often relies on the trusting nature of most individuals. For example, instead of trying to find software vulnerability, a social engineer might call an employee and pose as an IT support person, trying to trick the employee into divulging his password.
Shane MacDougall, a hacker/security consultant, duped a Wal-Mart employee into giving him information that could be used in a hacker attack to win a coveted black badge in the social engineering contest at the Defcon hackers conference in Las Vegas.
Social Engineering Penetration Testing
The Security Analyst Exercises / Social Engineering Penetration Testing contains the following Exercises:
- Social Engineering Penetration Testing using Social Engineering Toolkit (SET)
- Intrusion Detection Using KFSensor Honeypot IDS
The Virtual Private Cloud for this Lab set utilizes:
Security Analyst Exercises are available as part of the following subscription:
Each subscription provides 6 months access to 15 Different Exercises. Each exercise contains a Scenario, Objectives, and individual step by step tasks to guide the user through all steps necessary to complete the exercise. The Penetration Testing Exercises are designed to give the user an ultimate hands-on experience. Each exercise category above has it’s own Virtual Private Cloud that comes preconfigured with Vulnerable websites, Victim Machines, and the environment is LOADED with tools. Included in your network share are all the supporting tools required to practice in the Cyber Range / Lab environment.
Lab exercises are included for:
- TCPIP Packet Analysis
- Information Gathering
- Vulnerability Analysis
- External Penetration Testing
- Internal Network Penetration Testing
- Firewall Penetration Testing
- IDS Penetration Testing
- Password Cracking Penetration Testing
- Social Engineering Penetration Testing
- Web Application Penetration Testing
- SQL Penetration Testing