{"product_id":"the-art-of-attack-isbn-9781119805465","title":"The Art of Attack","description":"\u003cp\u003e\u003cb\u003eTake on the perspective of an attacker with this insightful new resource for ethical hackers, pentesters, and social engineers\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIn \u003ci\u003eThe Art of Attack: Attacker Mindset for Security Professionals,\u003c\/i\u003e experienced physical pentester and social engineer Maxie Reynolds untangles the threads of a useful, sometimes dangerous, mentality. The book shows ethical hackers, social engineers, and pentesters what an attacker mindset is and how to use it to their advantage. Adopting this mindset will result in the improvement of security, offensively and defensively, by allowing you to see your environment objectively through the eyes of an attacker.\u003c\/p\u003e \u003cp\u003eThe book shows you the laws of the mindset and the techniques attackers use, from persistence to \"start with the end\" strategies and non-linear thinking, that make them so dangerous. You'll discover:\u003c\/p\u003e \u003cul\u003e \u003cli\u003eA variety of attacker strategies, including approaches, processes, reconnaissance, privilege escalation, redundant access, and escape techniques\u003c\/li\u003e \u003cli\u003eThe unique tells and signs of an attack and how to avoid becoming a victim of one\u003c\/li\u003e \u003cli\u003eWhat the science of psychology tells us about amygdala hijacking and other tendencies that you need to protect against\u003c\/li\u003e \u003c\/ul\u003e \u003cp\u003ePerfect for red teams, social engineers, pentesters, and ethical hackers seeking to fortify and harden their systems and the systems of their clients, \u003ci\u003eThe Art of Attack\u003c\/i\u003e is an invaluable resource for anyone in the technology security space seeking a one-stop resource that puts them in the mind of an attacker.\u003c\/p\u003e \u003cp\u003eAbout the Author v\u003c\/p\u003e \u003cp\u003eAcknowledgments vii\u003c\/p\u003e \u003cp\u003eIntroduction xv\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart I: the Attacker Mindset 1\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 1: What Is the Attacker Mindset? 3\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eUsing the Mindset 6\u003c\/p\u003e \u003cp\u003eThe Attacker and the Mindset 9\u003c\/p\u003e \u003cp\u003eAMs Is a Needed Set of Skills 11\u003c\/p\u003e \u003cp\u003eA Quick Note on Scope 13\u003c\/p\u003e \u003cp\u003eSummary 16\u003c\/p\u003e \u003cp\u003eKey Message 16\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 2: Offensive vs. Defensive Attacker Mindset 17\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eThe Offensive Attacker Mindset 20\u003c\/p\u003e \u003cp\u003eComfort and Risk 22\u003c\/p\u003e \u003cp\u003ePlanning Pressure and Mental Agility 23\u003c\/p\u003e \u003cp\u003eEmergency Conditioning 26\u003c\/p\u003e \u003cp\u003eDefensive Attacker Mindset 31\u003c\/p\u003e \u003cp\u003eConsistency and Regulation 31\u003c\/p\u003e \u003cp\u003eAnxiety Control 32\u003c\/p\u003e \u003cp\u003eRecovery, Distraction, and Maintenance 34\u003c\/p\u003e \u003cp\u003eOAMs and DAMs Come Together 35\u003c\/p\u003e \u003cp\u003eSummary 35\u003c\/p\u003e \u003cp\u003eKey Message 36\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 3: The Attacker Mindset Framework 37\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eDevelopment 39\u003c\/p\u003e \u003cp\u003ePhase 1 43\u003c\/p\u003e \u003cp\u003ePhase 2 47\u003c\/p\u003e \u003cp\u003eApplication 48\u003c\/p\u003e \u003cp\u003ePreloading 51\u003c\/p\u003e \u003cp\u003e“Right Time, Right Place” Preload 51\u003c\/p\u003e \u003cp\u003eEthics 52\u003c\/p\u003e \u003cp\u003eIntellectual Ethics 53\u003c\/p\u003e \u003cp\u003eReactionary Ethics 53\u003c\/p\u003e \u003cp\u003eSocial Engineering and Security 57\u003c\/p\u003e \u003cp\u003eSocial Engineering vs. AMs 59\u003c\/p\u003e \u003cp\u003eSummary 60\u003c\/p\u003e \u003cp\u003eKey Message 60\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart II: the Laws and Skills 63\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 4: The Laws 65\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eLaw 1: Start with the End in Mind 65\u003c\/p\u003e \u003cp\u003eEnd to Start Questions 66\u003c\/p\u003e \u003cp\u003eRobbing a Bank 68\u003c\/p\u003e \u003cp\u003eBringing It All together 70\u003c\/p\u003e \u003cp\u003eThe Start of the End 71\u003c\/p\u003e \u003cp\u003eClarity 71\u003c\/p\u003e \u003cp\u003eEfficiency 72\u003c\/p\u003e \u003cp\u003eThe Objective 72\u003c\/p\u003e \u003cp\u003eHow to Begin with the End in Mind 73\u003c\/p\u003e \u003cp\u003eLaw 2: Gather, Weaponize, and Leverage Information 75\u003c\/p\u003e \u003cp\u003eLaw 3: Never Break Pretext 77\u003c\/p\u003e \u003cp\u003eLaw 4: Every Move Made Benefits the Objective 80\u003c\/p\u003e \u003cp\u003eSummary 81\u003c\/p\u003e \u003cp\u003eKey Message 82\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 5: Curiosity, Persistence, and Agility 83\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eCuriosity 86\u003c\/p\u003e \u003cp\u003eThe Exercise: Part 1 87\u003c\/p\u003e \u003cp\u003eThe Exercise: Part 2 89\u003c\/p\u003e \u003cp\u003ePersistence 92\u003c\/p\u003e \u003cp\u003eSkills and Common Sense 95\u003c\/p\u003e \u003cp\u003eProfessional Common Sense 95\u003c\/p\u003e \u003cp\u003eSummary 98\u003c\/p\u003e \u003cp\u003eKey Message 98\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 6: Information Processing: Observation and Thinking Techniques 99\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eYour Brain vs. Your Observation 102\u003c\/p\u003e \u003cp\u003eObservation vs. Heuristics 107\u003c\/p\u003e \u003cp\u003eHeuristics 107\u003c\/p\u003e \u003cp\u003eBehold Linda 108\u003c\/p\u003e \u003cp\u003eObservation vs. Intuition 109\u003c\/p\u003e \u003cp\u003eUsing Reasoning and Logic 112\u003c\/p\u003e \u003cp\u003eObserving People 114\u003c\/p\u003e \u003cp\u003eObservation Exercise 116\u003c\/p\u003e \u003cp\u003eAMs and Observation 122\u003c\/p\u003e \u003cp\u003eTying It All Together 123\u003c\/p\u003e \u003cp\u003eCritical and Nonlinear Thinking 124\u003c\/p\u003e \u003cp\u003eVector vs. Arc 127\u003c\/p\u003e \u003cp\u003eEducation and Critical Thinking 128\u003c\/p\u003e \u003cp\u003eWorkplace Critical Thinking 128\u003c\/p\u003e \u003cp\u003eCritical Thinking and Other Psychological Constructs 129\u003c\/p\u003e \u003cp\u003eCritical Thinking Skills 130\u003c\/p\u003e \u003cp\u003eNonlinear Thinking 131\u003c\/p\u003e \u003cp\u003eTying Them Together 132\u003c\/p\u003e \u003cp\u003eSummary 133\u003c\/p\u003e \u003cp\u003eKey Message 134\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 7: Information Processing in Practice 135\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eReconnaissance 136\u003c\/p\u003e \u003cp\u003eRecon: Passive 145\u003c\/p\u003e \u003cp\u003eRecon: Active 149\u003c\/p\u003e \u003cp\u003eOsint 150\u003c\/p\u003e \u003cp\u003eOSINT Over the Years 150\u003c\/p\u003e \u003cp\u003eIntel Types 153\u003c\/p\u003e \u003cp\u003eAlternative Data in OSINT 154\u003c\/p\u003e \u003cp\u003eSignal vs. Noise 155\u003c\/p\u003e \u003cp\u003eWeaponizing of Information 158\u003c\/p\u003e \u003cp\u003eTying Back to the Objective 160\u003c\/p\u003e \u003cp\u003eSummary 170\u003c\/p\u003e \u003cp\u003eKey Message 170\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart III: Tools and Anatomy 171\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 8: Attack Strategy 173\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eAttacks in Action 175\u003c\/p\u003e \u003cp\u003eStrategic Environment 177\u003c\/p\u003e \u003cp\u003eThe Necessity of Engagement and Winning 179\u003c\/p\u003e \u003cp\u003eThe Attack Surface 183\u003c\/p\u003e \u003cp\u003eVulnerabilities 183\u003c\/p\u003e \u003cp\u003eAMs Applied to the Attack Vectors 184\u003c\/p\u003e \u003cp\u003ePhishing 184\u003c\/p\u003e \u003cp\u003eMass Phish 185\u003c\/p\u003e \u003cp\u003eSpearphish 186\u003c\/p\u003e \u003cp\u003eWhaling 187\u003c\/p\u003e \u003cp\u003eVishing 190\u003c\/p\u003e \u003cp\u003eSmishing\/Smshing 195\u003c\/p\u003e \u003cp\u003eImpersonation 196\u003c\/p\u003e \u003cp\u003ePhysical 199\u003c\/p\u003e \u003cp\u003eBack to the Manhattan Bank 200\u003c\/p\u003e \u003cp\u003eSummary 203\u003c\/p\u003e \u003cp\u003eKey Message 203\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 9: Psychology in Attacks 205\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eSetting The Scene: Why Psychology Matters 205\u003c\/p\u003e \u003cp\u003eEgo Suspension, Humility \u0026amp; Asking for Help 210\u003c\/p\u003e \u003cp\u003eHumility 215\u003c\/p\u003e \u003cp\u003eAsking for Help 216\u003c\/p\u003e \u003cp\u003eIntroducing the Target- Attacker Window Model 217\u003c\/p\u003e \u003cp\u003eFour TAWM Regions 218\u003c\/p\u003e \u003cp\u003eTarget Psychology 221\u003c\/p\u003e \u003cp\u003eOptimism Bias 225\u003c\/p\u003e \u003cp\u003eConfirmation Bias and Motivated Reasoning 228\u003c\/p\u003e \u003cp\u003eFraming Effect 231\u003c\/p\u003e \u003cp\u003eThin- Slice Assessments 233\u003c\/p\u003e \u003cp\u003eDefault to Truth 236\u003c\/p\u003e \u003cp\u003eSummary 239\u003c\/p\u003e \u003cp\u003eKey Message 239\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart IV: AFTER AMs 241\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 10: Staying Protected— The Individual 243\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eAttacker Mindset for Ordinary People 243\u003c\/p\u003e \u003cp\u003eBehavioral Security 246\u003c\/p\u003e \u003cp\u003eAmygdala Hijacking 250\u003c\/p\u003e \u003cp\u003eAnalyze Your Attack Surface 252\u003c\/p\u003e \u003cp\u003eSummary 256\u003c\/p\u003e \u003cp\u003eKey Message 256\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 11: Staying Protected— The Business 257\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIndicators of Attack 258\u003c\/p\u003e \u003cp\u003eNontechnical Measures 258\u003c\/p\u003e \u003cp\u003eTesting and Red Teams 261\u003c\/p\u003e \u003cp\u003eSurvivorship Bias 261\u003c\/p\u003e \u003cp\u003eThe Complex Policy 263\u003c\/p\u003e \u003cp\u003eProtection 264\u003c\/p\u003e \u003cp\u003eAntifragile 264\u003c\/p\u003e \u003cp\u003eThe Full Spectrum of Crises 266\u003c\/p\u003e \u003cp\u003eAMs on the Spectrum 268\u003c\/p\u003e \u003cp\u003eFinal Thoughts 269\u003c\/p\u003e \u003cp\u003eSummary 270\u003c\/p\u003e \u003cp\u003eKey Message 271\u003c\/p\u003e \u003cp\u003eIndex 273\u003c\/p\u003e \u003cp\u003e\u003cb\u003eMAXIE REYNOLDS\u003c\/b\u003e is Technical Team Lead for Social-Engineer, LLC leading their efforts as a physical pentester and social engineer. She is a certified Ethical Hacker, Digital Forensic Investigator, and Social Engineer. She holds degrees in Computer Science, Underwater Robotics, and is qualified in Quantum Computing. She has worked as a physical pentester for banks, transport agencies, and other industries.\u003c\/p\u003e  \u003cp\u003e\u003cb\u003eElevate your ethical social engineering and hacking skills with a proven set of techniques\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eUnethical social engineers use deception to manipulate people into doing things contrary to their best interests. Whether this means attempting to discover passwords or gaining access to data, assets or physical locations, they use dishonest techniques to their benefit. Ethical social engineers and hackers, on the other hand, are paid by companies to use social engineering and attacker mindset (AMs) to legitimately probe systems, processes, and people for weaknesses so those vulnerabilities can be addressed, and future damages prevented. \u003c\/p\u003e\u003cp\u003eIn \u003ci\u003eThe Art of Attack,\u003c\/i\u003e accomplished social engineer and physical pentester Maxie Reynolds delivers an inside look at the attacker mindset, how best to use it and how to defend against it. The book explores the principles of the attacker mindset, including where to start an attack, persistence, non-linear thinking, observation techniques as well as the skills and laws of the mindset. It delves into processes, how to engage in reconnaissance and privilege escalation, and how to obtain redundant access, all without being detected. \u003c\/p\u003e\u003cp\u003e\u003ci\u003eThe Art of Attack\u003c\/i\u003e is an invaluable resource for social engineers, pentesters, red teams and anyone in cybersecurity. You’ll discover how to: \u003c\/p\u003e\u003cul\u003e\n\u003cli\u003e\u003cb\u003e Discover strategic tools you need to build your attacker mindset, including attack formation, process, recon, and more.\u003c\/b\u003e\u003c\/li\u003e \u003cli\u003e Utilize the skills and laws of attacker mindset.\u003c\/li\u003e \u003cli\u003eDetect the unique tells of an attack and how to avoid becoming a victim of one.\u003c\/li\u003e\n\u003c\/ul\u003e","brand":"Wiley","offers":[{"title":"Default Title","offer_id":47990160097509,"sku":"NP9781119805465","price":30.0,"currency_code":"USD","in_stock":false}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/1842\/7735\/files\/9781119805465.jpg?v=1761786732","url":"https:\/\/k12savings.com\/products\/the-art-of-attack-isbn-9781119805465","provider":"K12savings","version":"1.0","type":"link"}