Overview
Explore advanced techniques in social engineering and open-source intelligence (OSINT) for penetration testing in this 57-minute conference talk from BSides Tampa 2018. Delve into the fundamentals of social engineering, its real-world applications, and how it intersects with OSINT. Learn about effective OSINT gathering methods, practical examples, and their combined use in penetration testing. Discover valuable mitigation strategies, with a strong emphasis on the critical importance of employee training in cybersecurity. Gain insights into the latest trends and best practices in these essential areas of information security.
Syllabus
Intro
What is Social Engineering?
Examples of Social Engineering
Application of Social Engineering
What is OSINT?
Where can one gather OSINT?
A good OSINT Example
How does OSINT and SE Mesh?
Collecting OSINT?
Applied OSINT for SE
Mitigations
TRAIN YOUR PEOPLE!!!
Final training rant