Explore an innovative approach to automated spear phishing on Twitter using machine learning and data science techniques. Learn how to leverage recurrent neural networks, clustering algorithms, and natural language processing to generate targeted phishing campaigns. Discover methods for identifying high-value targets based on social engagement metrics, and understand the process of creating personalized content using timeline data. Examine the effectiveness of this approach through real-world testing and comparisons to manual efforts. Discuss potential applications, ethical considerations, and mitigation strategies for this powerful social engineering technique. Gain insights into the intersection of offensive security, artificial intelligence, and social media exploitation.
Weaponizing Data Science for Social Engineering - Automated E2E Spear Phishing on Twitter
Overview
Syllabus
Intro
A Novel Phishing Campaign Design
Fooling Humans for 50 Years
ISO: Demo Volunteers
Why Twitter?
Techniques, Tactics and Procedures
Design Flow
Triage of High Value Targets on Twitter
Choosing a URL shortener
Desirable properties of URL shortener
Recon and Footprinting for Profiling
Leveraging Markov Models
Training a Recurrent Neural Network
Tradeoffs and Caveats
Language and Social Network Agnosticism
Wild Testing SNAP R
Pilot Experiment
Man vs. Machine 2 Hour Bake Off
Potential Use Cases
Mitigations
Black Hat Sound Bytes
Taught by
Black Hat
