Cyber Shelf

// Prerequisites

What to read before Social Engineering

If Social Engineering feels too steep at intermediate level, here is what to read first. Lighter books in the same topics that build the prerequisites this one assumes.

Social EngineeringFoundations

  1. 01 · 2002

    The Art of Deception

    Kevin Mitnick and William Simon's case-study collection of social-engineering attacks: PBX scams, helpdesk impersonation, dumpster-diving, the casual lies that sound true. The technology dates the book; the human side is timeless.

    Beginner
    4/5Kevin Mitnick, William L. Simon

  2. 02 · 2019

    The Pragmatic Programmer

    Thomas and Hunt's career-defining set of practical heuristics for writing software professionally — orthogonality, broken-windows, DRY, tracer bullets, and the underlying argument that craftsmanship is a posture, not a process.

    Beginner
    5/5David Thomas, Andrew Hunt

  3. 03 · 2020

    Alice and Bob Learn Application Security

    Tanya Janca's hands-on AppSec primer covering threat modeling, secure design, secure coding, testing, deployment, and the social side of running an AppSec program — through a friendly, narrative-driven structure.

    Beginner
    4/5Tanya Janca

  4. 04 · 2018

    Click Here to Kill Everybody

    Bruce Schneier's policy-level argument that as everything becomes a computer (cars, medical devices, infrastructure, voting), the security failures that used to merely cost us money will start costing lives — and the regulatory shape of that future is being decided now.

    Beginner
    4/5Bruce Schneier

  5. 05 · 2022

    Cyberattaques

    A clear, journalistic decoding of the cyberattack ecosystem — ransomware gangs, state actors, and the economics and geopolitics behind the headlines — by one of France's best-known cyber experts.

    Beginner
    4/5Gérôme Billois, Nicolas Cougot

  6. 06 · 2023

    Fancy Bear Goes Phishing

    Five famous hacks used as a way into the deeper question of why software is insecure at all, written by a Yale law professor who learned to code to write it. More a history and theory of vulnerability than a how-to.

    Beginner
    4/5Scott J. Shapiro

  7. 07 · 2019

    Foundations of Information Security

    Jason Andress' compact tour of the field: confidentiality / integrity / availability, identification and authentication, network and OS controls, written for newcomers and adjacent disciplines.

    Beginner
    4/5Jason Andress

  8. 08 · 2011

    Ghost in the Wires

    Kevin Mitnick's first-person account of his 1990s social-engineering and phone-system intrusions, foreword by Steve Wozniak. Self-promotional in tone but a primary source on a defining era.

    Beginner
    4/5Kevin Mitnick, William L. Simon
Back to Social EngineeringWhat to read after Social Engineering