Cheat Codez - Level Up Your SE Game

Explore advanced social engineering techniques and strategies in this DerbyCon 3.0 conference talk. Delve into various aspects of social engineering, including transit systems, social functions, client-side attacks, and surveillance methods. Learn about frameworks, automation, and business recalibration approaches. Discover innovative phishing techniques, such as traditional methods, value-based phishing, and live bait fishing. Gain insights into preparation, proxy cleansing, architecture, and result tracking. Understand the importance of attacker preparation, OWA enumeration, VPN privileges, and side channels. Examine response strategies, incident preparation, and legal considerations. Enhance your social engineering skills and stay ahead of potential threats in this comprehensive presentation.

Intro
Transit Systems
Social Functions
Client Side Attacks
Client Side Surveillance
Answer: Kids!
Frameworks and Automation
Out of Alignment
Outside of the Lab
Business Recalibration
Traditional Phishing
How it should be Done
Phishing for Value
Preparation
Proxy Cleansing
Architecture
Tracking Results
It's Not Just About Metrics
Attacker Prep
Phishing Techniques
Live Bait Fishing (Netting)
OWA Enumeration
VPN Privileges
Phish In The Middle (PiTM)
Side Channels
Chum and Clean
The Response
You Called?
The Cleaner
Prepare for Incident Response
Prepare for ISP Abuse Alerts
Dealing with Legal Counsel
Out of Scope Shells