The Social-Engineer Podcast

Ep. 128 - OSINT, Vishing and the Winning the SECTF with Alethe Denis


Listen Later

Episode Highlights:

  • Alethe shares her initial thoughts on receiving details about her target company.
  • One mistake Alethe made in her first competition was misunderstanding that you can repeat flags.
  • Alethe outlines how she prepared for the second competition, including watching re-enactment videos.
  • Chris and Alethe discuss the importance of pretext and the key switch Alethe made.
  • Alethe describes the experience of bringing a young baby to DefCon.
  • She spent over 100 hours of time on her OSINT report. She spent even more time getting ready for the calls.
  • Alethe tells us the most dangerous OSINT she found in her research.
  • Alethe compares real-life vishing to competitive vishing.
  • The time factor gave Alethe anxiety during her first competition. Learn how she managed this the second time around.
  • They discuss the name game and how to use it effectively or ineffectively.
  • Learn the important way the black badge changed Alethe’s life.

 

3 Key Points:

  1. Dedicate a big chunk of time to prepare for the conference by listening to podcast episodes, watching re-enactments, and preparing your OSINT report.
  2. In her OSINT research, Alethe was able to find information as dangerous as the types of equipment and software the company used freely available to the public.
  3. In real-life vishing, you have time to establish rapport. Competitive vishing moves much faster.

Resources Mentioned:

  • Chris Kirsh re-enactment video
  • Alethe Denis Twitter, LinkedIn
  • The Hitchhiker’s Guide to the Galaxy (book)
  • Innocent Lives Foundation
  • Human Hacker Twitter
  • SE Village Twitter
...more
View all episodesView all episodes
Download on the App Store

The Social-Engineer PodcastBy Social-Engineer, LLC

  • 4.5
  • 4.5
  • 4.5
  • 4.5
  • 4.5

4.5

149 ratings


More shows like The Social-Engineer Podcast

View all
Security Now (Audio) by TWiT

Security Now (Audio)

1,981 Listeners

Risky Business by Patrick Gray

Risky Business

364 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

640 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

371 Listeners

Hacked by Hacked

Hacked

181 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,017 Listeners

Smashing Security by Graham Cluley

Smashing Security

316 Listeners

Click Here by Recorded Future News

Click Here

407 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,921 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

163 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

189 Listeners

Hacking Humans by N2K Networks

Hacking Humans

311 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

76 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

128 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

43 Listeners