Social Engineering
The Science of Human Hacking · 2nd Edition
Christopher Hadnagy's broad procedural reference on social engineering as a discipline — recon, pretexting, elicitation, microexpressions, and the structured engagement model his consultancy operationalized.
- Authors: Christopher Hadnagy
- Published: 2018
- Publisher: Wiley
- Pages: 320
- Edition: 2nd Edition
- Language: English
Read this if
Working SE practitioners, awareness-program leads, and people building structured social-engineering engagements who want a single reference for the discipline. Stronger on framework and process than Mitnick; the elicitation and influence chapters draw heavily on Cialdini and Ekman.
Skip this if
Readers wanting Mitnick-style war stories or modern AI-driven SE tradecraft (deepfake voice clones, LLM-assisted spearphish). Hadnagy's controversial separation from DEF CON in 2022 is also worth being aware of as context for the author rather than the book.
Key takeaways
- SE is a structured engagement, not a stunt; the book operationalizes the kill chain in a way most practitioners can adapt directly.
- Microexpression and influence material is borrowed but well-applied; the chapters on elicitation are the book's most cited.
- The framework (information gathering → pretext → influence → exit) is the book's lasting contribution and the implicit syllabus for most modern SE training.
Notes
Pair with The Art of Deception (Mitnick) for the canonical case-study companion and with Practical Social Engineering (Gray) for a more recent, less Hadnagy-centric treatment. Cialdini's Influence is the explicit theoretical scaffolding; reading the original after Hadnagy is rewarding. Useful as a textbook for the discipline; consume the framework, then update the tradecraft chapters with current AI-era material from primary sources.
What to read before
Beginner · 2002
The Art of Deception
Kevin Mitnick and William Simon's case-study collection of social-engineering attacks: PBX scams, helpdesk impersonation, dumpster-diving, the casual lies that sound true. The technology dates the book; the human side is timeless.
Beginner · 2019
The Pragmatic Programmer
Thomas and Hunt's career-defining set of practical heuristics for writing software professionally — orthogonality, broken-windows, DRY, tracer bullets, and the underlying argument that craftsmanship is a posture, not a process.
Beginner · 2020
Alice and Bob Learn Application Security
Tanya Janca's hands-on AppSec primer covering threat modeling, secure design, secure coding, testing, deployment, and the social side of running an AppSec program — through a friendly, narrative-driven structure.
What to read next
Advanced · 2009
Les virus informatiques : théorie, pratique et applications
Éric Filiol's reference French-language treatment of computer virology. Formal theory, infection mechanisms, offensive and defensive applications, with academic rigor rare on the topic.
Advanced · 2005
Silence on the Wire
Michal Zalewski's classic on the indirect attack surface: timing channels, protocol-stack fingerprinting, and the often-overlooked side data leaked by every layer of a stack.
Beginner · 2002
The Art of Deception
Kevin Mitnick and William Simon's case-study collection of social-engineering attacks: PBX scams, helpdesk impersonation, dumpster-diving, the casual lies that sound true. The technology dates the book; the human side is timeless.
Explore similar books
Beginner · 2002
The Art of Deception
Kevin Mitnick and William Simon's case-study collection of social-engineering attacks: PBX scams, helpdesk impersonation, dumpster-diving, the casual lies that sound true. The technology dates the book; the human side is timeless.
Intermediate · 2022
Practical Social Engineering
Joe Gray's working manual for the social-engineering side of red team and threat intel: OSINT-driven recon, pretexting, phishing infrastructure, and the legal and ethical boundaries that separate professional work from criminal activity.
Beginner · 2019
The Pragmatic Programmer
Thomas and Hunt's career-defining set of practical heuristics for writing software professionally — orthogonality, broken-windows, DRY, tracer bullets, and the underlying argument that craftsmanship is a posture, not a process.