Spin the bottle: Coupling technology and SE for one awesome hack presented at AppSecUSA 2012

by David Kennedy,

Tags: Security

Summary : "Social-Engineering is nothing new. From the dawn of man, social-engineering has been an avenue to obtain results through manipulation and deception (not always). As the creator of the Social-Engineer Toolkit (SET), I get a wide variety of experiences and new techniques in identifying ways to penetration organizations in a unique way. You never know what you are going to get on the other end. It's a game of chance, odds, and confidence. During this talk, we'll dive down into how social-engineering and technology can be used in order to compromise multiple avenues of an organization and live demonstrations of a new version of the Social-Engineer Toolkit. I'll also be walking through some of the different SE scenarios and how I overcame a number of challenges and hurdles while performing some of the most difficult red team exercises. Let's play a game of spin the bottle, where the person on the other end is a complete anomaly and unknown. Where your confidence matters and your pretext is everything."