Winning the SECTF – DEF CON 22

As written by Stephanie Carruthers

The Social Engineering Capture The Flag (SECTF) is a competition held at DEF CON. It consists of two parts: an information gathering phase and a live call phase. A target company is randomly assigned, and the information gathering phase begins with research on the company (using only open-source intelligence and no physical contact), followed by writing a report based on the information found. The second phase takes place during DEF CON, where the contestants make live calls to the target companies to try to gather as many flags as possible.

The flags are based on various groups of information such as: general I.T. information, vendor information, and employee information. The flags themselves are all seemingly innocuous information, such as “what operating system is in use”. However, an attacker could take that information to the next level and create a targeted attack based on that operating system.

DEF CON 22 – Are You Ready?

Are you ready for blistering 115-degree heat, the never-ending press of black t-shirts, and fast-talking social engineers? Then you, my friend, are ready for DEF CON 22! Social-Engineer.Org have so much goodness to tell you about. First, let’s start with the Social Engineering Village. This will be our second year at running SE fun and

The Social Engineering Infographic

Social engineering. We can remember a time when typing that into a search engine led to almost no return. Maybe some “free burger” videos or the like, but nothing about security. Jump forward to the present day and social engineering is more than just “free burgers”; it is a vector used in over 66% of

Victory Nonverbal

Social engineers and psychologists may specialize in recognizing nonverbal cues, but they have never won a Super Bowl with their skills. Richard Sherman and the Seattle Seahawks secondary did exactly that. By decoding some of the hand signals Peyton Manning used in Super Bowl XLVIII to communicate with his receivers, the Seahawks gained an advantage over

SECTF at DEF CON 22 – TAG TEAMS

Wait? Is it really that time again? No, it can’t be. I mean, didn’t we just leave DEF CON, like what… five minutes ago? (checks watch) Nope, it’s that time, folks. DEF CON will be upon us like a crazed starving vulture picking apart our brains and leaving us in heaps of sleepless, unshowered, prehuman

Social-Engineer.Org – Reborn and Recreated

It was almost 5 years ago that we launched the social-engineer.org site. Honestly folks, if you had asked me to predict what would come of it, my wildest dreams would not have led me to this. Almost 5 years, 2 books, a number of worldwide trainings, a company and much more later it was time