8th Layer Insights

Fun and Games: Lock Picking, Capture the Flag Contests, Simulations, and More


Listen Later

What images come to mind when you see or hear the word 'Cybersecurity?' That word probably evokes mental images of people hunched over keyboards launching cyberattacks at each other. Or maybe you picture someone picking a lock or stealing a badge to slip into a building. In other words, most people picture the battle... or what some might think of as "the fun parts." But, here's the thing. Not everyone gets to participate in these aspects of cybersecurity and, in many cases, finding safe and legal ways to practice these skills can be challenging. So where can curious minds turn?

That's where gamification can really help. There are a ton of really fun and engaging ways to learn these skills without fear of being arrested or breaking something. These are also great ways to level-up cybersecurity skills and help bring new people into the field. In this episode, we explore the "fun and games" of cybersecurity: lock picking, (CTFs) capture the flag competitions, simulations, and even pickpocketing and magical (sleight of hand and misdirection) thinking.

Perry's guests are Alethe Denis (social engineer and DefCon 2019 Social Engineering CTF winner), Deviant Ollam (penetration tester, lock picking guru, and Board Member of The Open Organization of Lockpickers), Chris Kirsch (Co-Founder and CEO of Rumble, DefCon 2017 Social Engineering CTF winner) , and Gerald Auger (Founder of Simply Cyber, Director of Cybersecurity Education & Cybersecurity Program Manager at ThreatGEN).

Guests:

  • Alethe Denis (LinkedIn) (Twitter) (Website)
  • Deviant Ollam (Twitter) (YouTube) (Website)
  • Chris Kirsch (LinkedIn) (Twitter)
  • Gerald Auger (LinkedIn) (Twitter) (YouTube)

  • Resources & Books:

    • What is Gamification?
    • Lockpicking Resources from Deviant Ollam
    • Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks, by Deviant Ollam
    • Practical Lock Picking: A Physical Penetration Tester's Training Guide, by Deviant Ollam
    • TOOOL US -- The Open Organization of Lockpickers
    • TOOOL US instructional videos on YouTube
    • The Official TOOOL Slides
    • The Lockpicking Lawyer on YouTube
    • Bump Keys in the News - San Francisco #3 -- YouTube clip
    • TraceLabs OSINT Capture the Flags
    • 50 CTF (Capture the Flag) & Pentesting Websites to Practice Your Hacking & Cybersecurity Skills in 2021
    • Hands-on Hacking Demo | CTF - Capture the Flag in 15 Minutes!, YouTube video by ITProTV
    • Capture the Flag? Change Your Life, YouTube video by John Hammond
    • Don’t Wait for the Perfect Time for a Tabletop Exercise, National Law Review
    • ThreatGEN's Red & Blue Game
    • Gerald Auger's Simply Cyber Discord Server
    • Chris Krisch's pickpocketing talk at Layer8 Security Conference

    • Production Credits:

      Music and Sound Effects by Blue Dot SessionsEnvato Elements, & Storyblocks.

      Artwork by Chris Machowski @ https://www.RansomWear.net/ and Mia Rune @ https://www.MiaRune.com.

      8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/


      Want to get in touch with Perry? Here's how:

      • LinkedIn
      • Twitter
      • Instagram
      • Emailhello [at] 8thLayerInsights [dot] com

        Learn more about your ad choices. Visit megaphone.fm/adchoices

        ...more
        View all episodesView all episodes
        Download on the App Store

        8th Layer InsightsBy Perry Carpenter | N2K Networks

        • 5
        • 5
        • 5
        • 5
        • 5

        5

        56 ratings


        More shows like 8th Layer Insights

        View all
        Security Now (Audio) by TWiT

        Security Now (Audio)

        1,985 Listeners

        SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

        SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

        639 Listeners

        Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

        Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

        368 Listeners

        Hacked by Hacked

        Hacked

        181 Listeners

        CyberWire Daily by N2K Networks

        CyberWire Daily

        1,014 Listeners

        Smashing Security by Graham Cluley

        Smashing Security

        316 Listeners

        Click Here by Recorded Future News

        Click Here

        406 Listeners

        Malicious Life by Malicious Life

        Malicious Life

        924 Listeners

        Darknet Diaries by Jack Rhysider

        Darknet Diaries

        7,958 Listeners

        CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

        CISO Series Podcast

        189 Listeners

        Hacking Humans by N2K Networks

        Hacking Humans

        316 Listeners

        Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

        Defense in Depth

        77 Listeners

        Cyber Security Headlines by CISO Series

        Cyber Security Headlines

        128 Listeners

        Hacker And The Fed by Chris Tarbell & Hector Monsegur

        Hacker And The Fed

        168 Listeners

        The FAIK Files by Perry Carpenter | N2K Networks

        The FAIK Files

        12 Listeners