Sveriges mest populära poddar

The Social-Engineer Podcast

Ep. 128 - OSINT, Vishing and the Winning the SECTF with Alethe Denis

48 min • 13 april 2020

Episode Highlights:

  • Alethe shares her initial thoughts on receiving details about her target company.
  • One mistake Alethe made in her first competition was misunderstanding that you can repeat flags.
  • Alethe outlines how she prepared for the second competition, including watching re-enactment videos.
  • Chris and Alethe discuss the importance of pretext and the key switch Alethe made.
  • Alethe describes the experience of bringing a young baby to DefCon.
  • She spent over 100 hours of time on her OSINT report. She spent even more time getting ready for the calls.
  • Alethe tells us the most dangerous OSINT she found in her research.
  • Alethe compares real-life vishing to competitive vishing.
  • The time factor gave Alethe anxiety during her first competition. Learn how she managed this the second time around.
  • They discuss the name game and how to use it effectively or ineffectively.
  • Learn the important way the black badge changed Alethe’s life.

 

3 Key Points:

  1. Dedicate a big chunk of time to prepare for the conference by listening to podcast episodes, watching re-enactments, and preparing your OSINT report.
  2. In her OSINT research, Alethe was able to find information as dangerous as the types of equipment and software the company used freely available to the public.
  3. In real-life vishing, you have time to establish rapport. Competitive vishing moves much faster.

Resources Mentioned:

00:00 -00:00