Cheat Codez: Level UP Your SE Game presented at DerbyCon 2013

by Eric Smith,

Summary : Everyone knows what phishing is. Everyone realizes Java applets lead to massive storms of shells. Everyone accepts tailgating is the easiest way into your building. Everyone knows smoking (areas) are bad for you AND your business. Admit it, you paid for that EXACT assessment last year. I could write your report for you without even doing the job. So what’s the problem you ask? That’s EXACTLY the problem, I say. So how do we fix these issues that plague our industry and misalign business expectations? This talk will discuss the value of Social Engineering exercises when conducted with realistic goals yielding actionable results. Of course, that means putting in REAL work throughout the engagement, not “point, click, report, rinse and repeat”. We’ll discuss tips, techniques and secrets that the PROS don’t always blog about. *PRO TIP* – This won’t be a talk on how to use a particular framework or release of a tool (there are plenty of those already). So bring your work boots, it’s time to get dirty and UP your game.