Rachel Tobac @RachelTobac CEO @SocialProofSec social engineering & hacking training/pentest/workshops/keynotes | 3X @DEFCON SECTF 2nd place | Chair @WISPorg | SrUXR @coursehero | She/her Jul. 24, 2019 1 min read

[Thread] There are many ways to get started in the field of social engineering! Here’s my path:
1. Read the Social Engineering Framework by @humanhacker:  http://social-engineer.org/framework/gene 
2. Read Chris Hadnagy's books:
Start with  http://amazon.com/Social-Enginee 
3. Try SE in @defcon @sevillage

4. Learn more about physical pentesting with @deviantollam’s talk:  http://youtube.com/watch?v=rnmcRT 
5. Learn OSINT (the research we do before attacking) from @IntelTechniques and OSINT Framework:  http://osintframework.com 

Ultimately, I’ve found that infosec / hacking is a “try it” field. Especially for me. I’ve got to actually do it to get the feel for it and learn quickly. I recommend a BSides conference, @defcon, @thotcon or other con to jump right in. The key is to start before you’re ready.

What was your path thru social engineering? How did you learn? What resources, blogs, trainings, workshops, activities etc were helpful for you?

Volunteering with @wisporg also helped me immensely to build bonds with other women in the security and privacy, which I struggled to find elsewhere! @wisporg mentors also convinced me to public speak and lead public SE workshops, which I now do regularly or pass onto others!

Looks like the @humanhacker book link is a dead link above. Here’s the one I was recommending to start with:  https://www.amazon.com/Social-Engineering-Science-Human-Hacking/dp/111943338X 

The @deviantollam talk link is also dead — here is the one I referenced starting with when learning physical social engineering and penetration testing  https://m.youtube.com/watch?v=rnmcRTnTNC8 

Adding to this thread! @SAINTCON is another “try it” con like @defcon @thotcon and many more. I’ll continue to add recommendations for conferences you can practice skills at here in the future, too.


You can follow @RachelTobac.



Bookmark

____
Tip: mention @threader_app on a Twitter thread with the keyword “compile” to get a link to it.

Enjoy Threader? Sign up.

Threader is an independent project created by only two developers. The site gets 500,000+ visits a month and our iOS Twitter client was featured as an App of the Day by Apple. Running this space is expensive and time consuming. If you find Threader useful, please consider supporting us to make it a sustainable project.