SEC567: Social Engineering for Penetration Testers

Provided by SANS

About the course

SEC567: Social Engineering for Penetration Testers provides the blend of knowledge required to add social engineering skills to your penetration testing portfolio. Successful social engineering combines psychological principles with the technical techniques needed to measure your success and manage the risk. SEC567 covers the principles of persuasion and the psychological foundations required to craft effective attacks, and bolsters this with many examples of what works, drawn both from cyber criminals and from the authors' experience in engagements. On top of these principles we provide a number of tools (produced in our engagements over the years and now available in the course), along with labs centered on the key technical skills required to measure your social engineering success and report it to your company or client.

You'll learn how to perform recon on targets using a wide variety of sites and tools, create and track phishing campaigns, and develop media payloads that effectively demonstrate compromise scenarios. You'll also learn how to conduct pretexting exercises, and we wrap the course with a fun "Capture the Human" exercise to put what you've learned into practice. This is the perfect course to open up new attack possibilities, to better understand the human vulnerability in attacks and to let you practice snares that have proven themselves in tests time and time again.


Course Syllabus

SEC567.1: Social Engineering Fundamentals, Recon, and Phishing


In day 1 of the course we introduce you to key social engineering concepts, the goals of social engineering, and a myriad of reconnaissance tools that will help prepare you for successful campaigns. We complete the day with exercises centered on the most popular and scalable form of social engineering: phishing. Each section covers how to execute the attack, what works and what doesn't, and how to report on it so the organization can improve its defenses.


  • Recon & Profiling - applying the tools
  • Tracking Clicks - measuring your SE success
  • SET Site Cloning - building a believable phishing site
  • Data Logging - building more advanced credential and data theft portals

CPE/CMU Credits: 6


  • Social engineering introduction
  • The Psychology of Social Engineering
  • Social Engineering Goals
  • Setting up for Success
  • Targeting and Recon
  • Secure & Convincing Phishing
  • Tracking Clicks
  • Secure Phishing Forms
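The "Tracking Clicks" topic above is about measurement: attributing each hit on the phishing site to a recipient so the report can state who clicked, how many, and how fast. The following is an added example and not course material or tooling from SEC567; it shows one common way to do that with opaque per-recipient tokens and a simple access-log pass. The recipient names, tokens, send time and log lines are constructed for the example. Two caveats a practitioner would want are built in: unknown or missing tokens (a tampered link, or a security gateway probing the URL) are ignored rather than attributed to anyone, and the report counts unique recipients rather than raw hits, since reloads and automated link scanners inflate the raw count.

```python
"""Per-recipient phishing click tracking for a social engineering report.

Added example (not SEC567 course material): opaque per-recipient tokens,
a pass over constructed access-log lines, and the metrics a report needs
(recipients sent to, unique clickers, click rate, time to first click).
"""
import secrets
from datetime import datetime, timezone
from urllib.parse import parse_qs, urlparse


def issue_tokens(recipients, nbytes=16):
    """Map a random, unguessable token to each recipient.

    Random tokens (rather than sequential IDs or a hash of the address)
    stop a curious recipient, or a scanner, from enumerating other
    people's links and polluting the attribution.
    """
    return {secrets.token_urlsafe(nbytes): r for r in recipients}


# Constructed tokens for the sample run; a real campaign would call issue_tokens().
SAMPLE_TOKENS = {
    "Qm9wZ3hLdA": "alice",
    "aXpLN1kzcg": "bob",
    "c2lFTjhXcA": "carol",
    "R1JkMlZ1Zg": "dave",
}

# Constructed send time for the campaign.
SEND_TIME = datetime(2024, 3, 4, 9, 0, tzinfo=timezone.utc)

# Constructed access-log lines in the form "<ISO timestamp> <request path>".
SAMPLE_LOG = [
    "2024-03-04T09:02:10+00:00 /login?t=Qm9wZ3hLdA",  # alice clicks
    "2024-03-04T09:02:11+00:00 /login?t=Qm9wZ3hLdA",  # alice reloads
    "2024-03-04T09:05:40+00:00 /login?t=aXpLN1kzcg",  # bob clicks
    "2024-03-04T09:06:02+00:00 /login?t=ZZZZZZZZZZ",  # unknown token: ignored
    "2024-03-04T09:07:00+00:00 /favicon.ico",         # no token: ignored
    "2024-03-04T10:30:00+00:00 /login?t=Qm9wZ3hLdA",  # alice again, later
]


def parse_click(log_line, tokens):
    """Return (timestamp, recipient) for a tracked hit, or None.

    Lines with no token, or a token not issued by us, are not attributed.
    """
    parts = log_line.split(" ", 1)
    if len(parts) != 2:
        return None
    ts_str, path = parts
    token = parse_qs(urlparse(path).query).get("t", [None])[0]
    if token not in tokens:
        return None
    return datetime.fromisoformat(ts_str), tokens[token]


def summarize(send_time, log_lines, tokens):
    """Build the click metrics for the report from raw log lines.

    Unique clickers, not raw hits, are the reportable number; the raw
    count is kept only so the analyst can see how noisy the log was.
    """
    first_click = {}
    raw_hits = 0
    for line in log_lines:
        parsed = parse_click(line, tokens)
        if parsed is None:
            continue
        raw_hits += 1
        ts, who = parsed
        if who not in first_click or ts < first_click[who]:
            first_click[who] = ts
    sent = len(tokens)
    return {
        "sent": sent,
        "raw_hits": raw_hits,
        "unique_clickers": len(first_click),
        "click_rate": len(first_click) / sent if sent else 0.0,
        # Seconds from send to each recipient's first click.
        "time_to_first_click_s": {
            who: (ts - send_time).total_seconds() for who, ts in first_click.items()
        },
    }


if __name__ == "__main__":
    print(summarize(SEND_TIME, SAMPLE_LOG, SAMPLE_TOKENS))
```

In the sample, four of the six log lines carry a valid token but only two recipients clicked, so the report states a 50% click rate with alice first at 130 seconds, not a 4-of-4 result. The same token map is what a landing-page or credential-capture form would read from the request to tie a submission back to a recipient.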

SEC567.2: Media Drops and Payloads, Pretexting, Physical Testing, and Reporting


In day 2 we build on the principles covered in day 1 of the course to focus heavily on payloads for your social engineering engagements. We will cover how to avoid detection, how to limit the risk of your payloads causing issues, and how to build a bespoke payload that works and looks the part of your selected snare. Following that we introduce another powerful skill, pretexting, and cover how the two can be combined to get payloads running. We end the day with a capture-the-flag exercise where students can apply their newfound skills, and a section covering the top dos and don'ts in an engagement.


  • Roll your own payload - limit risk, avoid detection and prove your pentest
  • Pretty Payloads - making your payloads look the part
  • Pretexting - persuading your way to data
  • Capture the Human - blended SE challenge

CPE/CMU Credits: 6


  • USB and Media Drops
  • Building a Payload
  • Clicks That Work
  • Successful Pretexting
  • Tailgating and Physical Access
  • Social Engineering Reports
  • SE: Where it all Fits
  • Risky Business

Who Should Attend

  • Staff or consultant penetration testers looking to increase their test breadth and effectiveness
  • Security defenders looking to enhance their understanding of attack techniques to improve their defenses
  • Staff responsible for security awareness and education campaigns who want to understand how cyber criminals persuade their way through their defenses


The course does not require existing penetration testing skills; however, students who already have them will be able to apply the course material and enhance their other penetration testing disciplines with the newly acquired knowledge.

What You Will Receive

  • Course USB with VMware image ready for the labs
  • Prebuilt phishing and data capture examples to customize in the future
  • Tools to track your phishing and build reports
  • Course books so you can review your techniques after class

This Course Will Prepare You To

  • Take on your first social engineering test in your company, or as a consultant.
  • Improve your social engineering know-how to develop new variations or increase your snare rate.
  • Handle some of the ethical and risk challenges associated with social engineering engagements.
  • Enhance other penetration testing disciplines through understanding human behavior and how to exploit it.
