Overview
Explore a 25-minute conference talk from DEF CON that delves into a detailed first-person narrative of executing complex Red Team operations through pure Social Engineering techniques. Learn how professional Social Engineering units operate, including team roles, methodologies, and techniques for achieving critical infrastructure access without triggering alerts. Through practical examples and audience participation, discover the systematic approach to emulating cybercriminal gang capabilities within a three-week timeframe. Follow the complete process from initial client meetings through information gathering, vector selection, exploitation, pretexting, and physical intrusion into datacenters. Understand how to present critical vulnerabilities professionally while maintaining target company confidentiality through an engaging live comic-style presentation format. Gain insights into how consistent Social Engineering practice transforms luck-based attempts into reliable, repeatable security assessment methodologies.
Syllabus
DEF CON 32 - Master Splinter’s initial physical access dojo - Daniel Isler
Taught by
DEFCONConference