// Comparison

Practical Social Engineering vs Sécurité informatique - Ethical Hacking: Which Should You Read?

Two cybersecurity books on Pentesting, compared honestly: who each is for, what each does best, and which to read first.

Intermediate
4/5
2022
Practical Social Engineering

A Primer for the Ethical Hacker

Joe Gray

Joe Gray's working manual for the social-engineering side of red team and threat intel: OSINT-driven recon, pretexting, phishing infrastructure, and the legal and ethical boundaries that separate professional work from criminal activity.

Intermediate
4/5
2022
Sécurité informatique - Ethical Hacking

Apprendre l'attaque pour mieux se défendre

ACISSI

The French-language reference for offensive security: a thick, lab-heavy tour of the attacker's toolkit, maintained across editions by the ACISSI collective under the motto “learn the attack to better defend.”

Read this if

Practical Social Engineering: Red teamers, fraud investigators, and threat-intel analysts who need to operationalize social engineering as a discipline rather than a stunt. Strongest for the OSINT-to-pretext pipeline — Gray shows how recon directly shapes what your call sounds like.

Sécurité informatique - Ethical Hacking: French-speaking students and aspiring pentesters who want one comprehensive offensive-security manual: reconnaissance, network and web attacks, social engineering, forensics and Metasploit, all hands-on. The closest French equivalent to the English pentest canon.

Skip this if

Practical Social Engineering: Readers wanting Mitnick-style war stories. Gray writes like a practitioner, not a memoirist; the book is procedural and careful, not dramatic. Also light on adversarial deepfake / voice-clone tradecraft, which is where the field has moved since 2022.

Sécurité informatique - Ethical Hacking: Advanced practitioners who already work in English and live in PortSwigger Academy and current tooling. The breadth means each topic is an introduction rather than a deep dive, and editions lag the fastest-moving tradecraft.

Key takeaways

Practical Social Engineering

  • Recon is the engagement: a pretext that doesn't survive contact with the target's reality is a recon failure, not a delivery failure.
  • Documentation, scoping, and consent are not bureaucratic overhead; they are what separate professional social engineering from criminal activity.
  • OSINT and SE are the same workflow viewed from two sides — what you can find is what you can credibly claim to know.

Sécurité informatique - Ethical Hacking

  • The single most complete offensive-security book in French — breadth is the selling point, covering recon through forensics in one volume.
  • Every chapter is exercise-driven; treated as a workbook with a lab VM it teaches well, read passively it teaches little.
  • Multi-author and re-edited regularly, so quality is uneven chapter to chapter but currency beats most French tech books.

How they compare

Practical Social Engineering and Sécurité informatique - Ethical Hacking are both rated 4/5 in our catalog. Pick by topic preference and reading style rather than by rating.

Both books target intermediate-level readers, so the choice is about topic, not difficulty.

Practical Social Engineering and Sécurité informatique - Ethical Hacking both cover Pentesting, so reading them in sequence reinforces the same material from different angles.
