Explore the world of social engineering through Robert Sell's conference talk on his experience at the Defcon 2017 SE CTF. Learn about OSINT techniques, vishing strategies, and the "incorrect confirmation" method used to gather sensitive information from organizations. Discover how to design effective pretexts that trigger emotional responses and understand the patterns used by social engineers. Gain insights into strategies for reducing exposure and risk, including building defenses, getting on the offense, and implementing a culture shift. Examine the tools and resources available for physical, technical, corporate, and staff-related aspects of social engineering prevention.
Overview
Syllabus
Intro
Value Proposition
Social Engineering/What's Nexhse
Social Engineering/Shock&Awesec
OSINT/Acquire Target
OSINT/Detection
OSINT/Pretext Development nsec
Vishing/Marks
Vishing/SE Techniques
Vishing/Pretexts - 2 of 3
A Reflective Moment
Recommendations
Tools/Physical
Tools/Technical
Tools/Corporate
Tools/Staff
Resources
Taught by
NorthSec
