Course Content

Course Description

Students will also learn about different types of social engineering attacks and gain hands-on experience in two labs using the Social Engineering Toolkit (SET). The course will also teach students behavioral and technical controls that can be implemented to reduce the likelihood of a successful social engineering attack.

This course covers basic information about social engineering. We will explore some fake social media profiles, craft our very own phishing email and malicious payload using the Social Engineering Toolkit (SET) in Kali Linux, and play the “victim” by opening the malicious file.

The course will help you understand why you should limit the information you are sharing on social media. We will also cover some basic items to include in your security awareness program. This course is beginner level, but students are expected to have basic computer knowledge. The course is targeted towards students that are studying for the EC-Council Certified Ethical Hacker (CEH) and/or the CompTIA Pentest+ certification examinations.

Target Audience

This course is designed for students looking to become junior penetration testers; however, the course can be taken by anyone.


It is recommended that students have some IT or cybersecurity knowledge, but not required.

Supplementary Materials

The course includes downloadable step by step lab guides that can be found in the Resource section of the course.

Course Goals

By the end of this course, students should be able to:

  • Understand different types of social engineering attacks
  • Understand behavioral and technical controls that can be used
  • Understand how to communicate basic security awareness to others

Social Engineering and Manipulation - Exploitation of the Human Element

Social engineering has been the cause of many of the most high profile cyber-attacks in recent years. The human element is too often the problem. In this online, self-paced Social Engineering and Manipulation training class, you will learn how some of the most elegant social engineering attacks take place. Learn to perform these scenarios and what is done during each step of the attack, from imitation through exploitation. This course is intended to help you better prepare your organization for defense of social engineering attacks, as well as how to ethically use these techniques for intelligence gathering. As a reminder, by taking this course, you agree to our terms of service.

Topics include: Intro to social engineering, exploitation lifecycle, digital information gathering, targeting, digital profile reduction, psychology of social engineering, elicitation, pretexting, cold calling, bypassing physical security, post exploitation, binary evasion and more.

Tools include: Kali Linux, Social Engineering Toolkit (SET), Google, Maltego, Scythe Framework, Recon-NG Framework, Creepy, Portable Virtual Box, Metasploit, Hyperion; Veil

Pre-requisites: This class is intended for cyber security professionals who have at least a baseline understanding of penetration testing and security policy principles. Approximately two years of experience in cyber security or Certified Ethical Hacker certification (or comparable cert) is highly recommended. If you do not meet these pre-requisites, it is recommended that you complete our Security+ and Ethical Hacker classes, before beginning.

CEU / CPE: 1 Total Clock Hours: 1 hr, 1 minute. Get a Certificate of Completion### What is Social Engineering and Manipulation?

Social engineering refers to the "art" of manipulating people to divulge confidential information. Typically, criminal hackers will rely on the fact that most people will be trusting (in varying degrees), and that it is much easier to trick employees of an organization into providing them with information (passwords, account numbers, etc.) they can use to exploit the company than to use traditional hacking methods to obtain it.

Social engineering professionals (white hat hackers) work for companies to prevent such exploitations by learning the methods that criminal hacker use and developing strategies to combat them.

What Does this Social Engineering Course Cover?

Our online Social Engineering course covers the methods that are used by criminals to exploit the human element of organizations, using the information to perform cyber attacks on the companies. In the class, you will learn to execute the methods yourself, in a step-by-step manner. The purpose of this training is to prepare you to defend your organization against social engineering attacks, and to learn how to use these methods ethically to gather intelligence.

In this Social Engineering and Manipulation class you will cover various topics, including introduction to social engineering, targeting, exploitation lifecycle, digital profile reduction, digital information gathering, psychology of social engineering, cold calling, elicitation, pretexting, post exploitation, bypassing physical security, binary evasion and other applicable subjects.

The tools used in this training course include:

  • Social Engineering Toolkit (SET)
  • Kali Linux
  • Maltego
  • Google
  • Scythe Framework
  • Creepy
  • Metasploit
  • Recon-NG Framework
  • Portable Virtual Box
  • Hyperion & Veil

This course is 3 hrs. and 55 min. of total clock hours, and you will receive a Certificate of Completion once finished.

Who Should Take this Social Engineering Training Course?

The Social Engineering course is ideal for:

  • People wanting to learn about ethical hacking and how social engineering plays a part
  • People who want to understand how criminal hackers gain access into secure systems
  • People who want to understand how secure their own organization's systems are from social engineering attacks

Additionally, students who take this class should be security professionals who have a basic knowledge of penetration testing and security policy principles, and who have worked in the IT industry for at least two years.

Why Study Social Engineering?

It's expected that cybercrime will cost the world $6 trillion annually by 2021, a significant increase from the $3 trillion it cost in 2015. That means that information security professionals, including social engineers, are in high demand. In fact, because there is so much cybercrime and an increasing demand for cybersecurity professionals, the field has little to no unemployment.

Social engineering is an essential part of the overall cybersecurity career field for those IT professionals who want to play an active role in the protection of their organizations' security controls.

A career in social engineering offers a substantial salary, flexibility, and often times, an exciting environment for those who love information security and technology. Social engineers may be hired on a permanent basis, but many are hired on contract or as consultants.

Which Jobs Will this Social Engineering Course Prepare Students For?

Most positions in the IT field now require employees to possess knowledge and skills in cybersecurity, no matter what the specific roles are. That means that training in social engineering and manipulation will better prepare you for any position in an IT department. Specifically, penetration testers, network engineers, cybersecurity engineers, and certified information security managers will all benefit from this course.

Instructed By

Instructor Profile Image
Ken Underhill
Master Instructor at Cybrary
Master Instructor

Provided By


Course Components

On Demand Videos to learn from industry leaders
Virtual Labs to gain hands on experience and apply what you learned
Assessments to gauge understanding and comprehension

Certificate of Completion

Certificate Of Completion

Complete this entire course to earn a Social Engineering Certificate of Completion