Seats Available: n/a
Due to unforseen circumstances, Opposing Force has canceled this training course. Matteo Beccaro will still be speaking in the main conference.
Offensive Social Engineering is a two-day training course focused on advanced social engineering techniques. Social Engineering is discussed in both theory and practice: starting from the history of the discipline, the students are introduced to the basic psychological principles abused during Social Engineering attacks; the inner workings of the so-called Human OS are then detailed, thus providing the class a clear understanding of theoretical concepts that can be adopted during the practical design of attack scenarios. Finally, an agile and highly practical SE methodology is provided together with a series of real-world cases studies “dissection” sessions, which are used to better understand the key aspects of successful SE attacks.
What students will get:
The students will be provided with course slides in PDF format, tools for the in-class exercises and a subsidiary with extra notes concerning the discussed case studies.
No prior knowledge on the topic is required.
The course is design for security professionals and enthusiast interested in attack methods employed by malicious social engineers, and can be useful for performing ethical SE penetration tests or to increase attendees’ awareness.
Module 01 – Introducing Social Engineering
1.1 What is Social Engineering: multiple definitions
1.2 Understanding the roles of human security in a cyber-digital world
Module 02 – The Chronicles of Social Engineering
2.1 The History of Social Engineering Attacks
2.2 Modern Social Engineering
Module 03 – Hacking the Human OS
3.1 Human OS Architecture and Inner Workings
3.2 Mapping the Human OS Attack Surface
3.3 Psychological Principles Abuse Behind Social Engineering Attacks
Module 04 – Social Engineering in Theory and Practice
4.1 Introducing the Social Engineering Framework
4.2 Social Engineering in OSSTMM and CAPEC
4.3 Social Engineering Methodology
4.3.1 “War is 90% information” or collecting information for SE attacks
188.8.131.52 Advance remote information gathering & OSINT
184.108.40.206 On-site information gathering
4.3.2 Creating Attack Scenarios
4.3.3 Staging Attack Scenarios
4.3.4 Attack Execution
220.127.116.11 Remote Social Engineering
18.104.22.168 Physical Social Engineering and building intrusion
Module 05 – Lost in Deception: Case Studies & Final Considerations
Our website: http://www.opposingforce.it