Social Engineering
Social Engineering and Human Exploitation
A practical course on how attackers exploit human psychology, the modern threat landscape, and the procedural defences that hold up.
Five modules. Foundations covers Cialdini's six principles, the broader cognitive-bias set attackers exploit, the 2026 threat landscape (deepfake voice, MFA-bypass commoditisation, BEC scale), and the legal/ethical framework around offensive engagements. Reconnaissance and OSINT covers the workflow, human-source intelligence, technical reconnaissance, and dossier-building discipline. Pretexting and Phishing covers anatomy of a pretext, large-scale phishing operations, spear/whaling/BEC, and MFA bypass via AiTM kits. Voice, SMS, and Physical covers vishing in depth, smishing + mobile attacks (OTP pump, SIM swap, push fatigue, quishing), and physical penetration testing. Defense and Capstone covers the procedural defender framework, in-flight detection, and a capstone walkthrough of three publicly documented incidents (Twitter 2020, Cisco 2022, MGM 2023).
This isn't theory. Every technique in this course has been used on real engagements against real organisations, and the defender framework is what those organisations are converging on.
**Prerequisites:** None. Curiosity about how people think helps more than any technical background.
**Estimated time:** ~10 hours across 5 modules and 18 lessons, plus module quizzes and a certificate exam.
