[Thread] There are many ways to get started in the field of social engineering! Here’s my path:
1. Read the Social Engineering Framework by @humanhacker: http://social-engineer.org/framework/gene …
2. Read Chris Hadnagy's books:
Start with http://amazon.com/Social-Enginee …
3. Try SE in @defcon @sevillage
4. Learn more about physical pentesting with @deviantollam’s talk: http://youtube.com/watch?v=rnmcRT …
5. Learn OSINT (the research we do before attacking) from @IntelTechniques and OSINT Framework: http://osintframework.com
Ultimately, I’ve found that infosec / hacking is a “try it” field. Especially for me. I’ve got to actually do it to get the feel for it and learn quickly. I recommend a BSides conference, @defcon, @thotcon or other con to jump right in. The key is to start before you’re ready.
What was your path thru social engineering? How did you learn? What resources, blogs, trainings, workshops, activities etc were helpful for you?
Volunteering with @wisporg also helped me immensely to build bonds with other women in the security and privacy, which I struggled to find elsewhere! @wisporg mentors also convinced me to public speak and lead public SE workshops, which I now do regularly or pass onto others!
Looks like the @humanhacker book link is a dead link above. Here’s the one I was recommending to start with: https://www.amazon.com/Social-Engineering-Science-Human-Hacking/dp/111943338X …
You can follow @RachelTobac.
Tip: mention @threader_app on a Twitter thread with the keyword “compile” to get a link to it.
Threader is an independent project created by only two developers. The site gets 500,000+ visits a month and our iOS Twitter client was featured as an App of the Day by Apple. Running this space is expensive and time consuming. If you find Threader useful, please consider supporting us to make it a sustainable project.