2021 Conference Schedule

Note: Our start times are unconventional because we allowed the speakers to choose the amount of time that they wanted to speak. Please note start times carefully in both tracks. Talk descriptions are below the table. All times are US Eastern Time. Schedule is subject to change.

9:40 Opening Ceremonies

Rapid7
10:00 Ines Narciso (50 mins) – Genealogy: OSINT and Social Engineering potential
11:00 Richard Davy (60 mins) – PERSINT – How to build a rapid communication profile using OSINT
12:00 Networking Break
1:00 Michele Stuart (60 mins) – Peek a Boo – I See You or OSINT for Tactical Investigations
2:05 Perry Carpenter (60 mins) – The Psychology of Attack and Defense
3:10 Ursula Cowan (40 mins) – Social Engineering the Interview
3:55 Brandon Becker (30 mins) – Pattern Interrupts in Social Engineering
4:30 Samantha Gamble (30 mins) – The Innocent Lives Foundation’s Method of OSINT
5:05 Roelof Temmingh (35 mins) – Hoarding the web: Capturing information in 2021

PentesterLab
10:00 Dr. Grigorios Fragkos (20 mins) – HUMINT phrases to identify background characteristics
10:25 Nicholas Doerner (25 mins) – The Great Casino Heist: key takeaways from my first big social engineering engagement
11:00 Christina Lekati (65 mins) – Beyond Influence Techniques: Broadening your Social Engineering Skillset Through Psychology
12:00 Networking Break
1:00 Mishaal Khan (30 mins) – Pivot, Pivot, Pivot!
1:35 Rae Baker (30 mins) – Illuminating Maritime Supply Chain Threats using OSINT: A Suez Canal Post Mortem
2:10 Zlata Pavlova & Rob CurtinSeufert (50 mins) – Recon Done Right – Physical Edition
3:05 Matt Malone (45 mins) – From the Dumpsters to the Front Page
3:55 Dr. Ryan Louie (35 mins) – #Psybersecurity: The Signs and Symptoms of a Mental Health Attack Surface
4:35 Erika Sonntag (60 mins) – No1Slav: Dark Web Identity Resolution

5:45 Closing Ceremonies

Ines Narciso – “Genealogy: OSINT and Social Engineering potential”
Online genealogy platforms have been growing in the number of users and the amount of content available. They are very often not considered by OSINT researchers since most of the data available is about older generations, most of whom have already died. However, as a Social Engineering pivot point, this data may be very useful, even if it is just to find out your mother’s maiden name. This presentation will consist of two parts. The first one will include a review of several genealogical platforms. This review will approach the type of data that can be collected, examples of search techniques that can be used and the different types of databases that can be explored. This will include a demonstration of the OSINT potential of user profiles. In the second part, considering the conclusions drawn at the first stage, some demonstrations will be made on the relevance and value of the OSINT collected as a pivot point for a Social Engineering approach. The ease and enthusiasm with which people will engage and share sensitive information in this realm will be discussed and the pros and cons of this behaviour debated. In that sense, this talk also hopes to raise awareness among users and genealogical platforms and to remind them of the ethical boundaries in OSINT and Social Engineering work.

Christina Lekati – “Beyond Influence Techniques: Broadening your Social Engineering Skillset Through Psychology”
Social engineering as a field is largely dependent on understanding, predicting, and influencing human behavior. Influence and persuasion tactics are often fascinating topics of conversation within many circles of social engineers. But, they are barely scratching the surface when it comes to truly understanding humans and what influences their behavior. This talk aims to dive deeper into the topic of human behavior within the context of social engineering and security by leveraging interdisciplinary knowledge. We will look into the field of psychology, to help us better understand our universal hard-wiring, and into human intelligence (HUMINT) techniques. This will include how cognition and perception work, and how biopsychology and situational factors can influence the decision-making processes. This is the psychological layer that involves our basic hard-wiring and applies universally to all people. But we will also discuss our individual behavioral wiring. This includes aspects such as personality, self-identity and past experiences as elements that make us unique. They are aspects helping to assess specific targets. Security professionals working with high-value targets will find this section particularly useful, as they will learn to read their targets in a more tailored way, find potentially exploitable weaknesses, as well as communicate with them in a more effective manner. Examples will be provided. This talk aims to open some new horizons by introducing and initiating social engineers into new topics and behavioral science that will help them better serve the people they are ultimately trying to protect.

Richard Davy – “PERSINT – How to build a rapid communication profile using OSINT”
PERSINT is the use of Open Source Intelligence gathering and Social Engineering techniques, such as behavioral and communication analysis, to determine the pretext that would be best to approach a subject with. Things such as what language we use to define our good days and bad days, our likes, our hobbies. How do we describe the world? Do we for the most part like it? Or do we see ourselves in a constantly downtrodden state? Do we focus on others when we speak? Do we focus on ourselves? In addition to these topics, what are we talking about? Our new stuff? How strong we are? Or how bad we have it? This talk will focus on the idea that we can use these language patterns and interactions to build out successful pretexts in social engineering and general everyday conversations.

Dr. Grigorios Fragkos – “HUMINT phrases to identify background characteristics”
A collection of distinctive words that people fail to pronounce or fail to say “properly”, despite how good their English is, allowing a third party to distinguish (in some cases) their background/origin or influences they might have. These words/phrases act as a “tell” (like some people have a tell when playing poker, or when specific hand gestures are used by certain nationalities when speaking) allowing a profiler, a social engineer, an investigator to narrow down the background of the individual in question. This first iteration of this project starts with the assumption that the spoken language in question is English (EN), in an attempt to collect/identify which (magic) words in spoken English are pronounced in a distinctive way by individuals that can lead someone in narrowing down (or even identifying) the origin of the respective accent. Please note, this is for identifying spoken flaws in people who speak in a perfect (or extremely good) English accent. As the HUMINT phrases project gets more contributions, there will be an attempt to create a paragraph (a set of paragraphs per spoken language) which in theory could be read by any English-speaking individual (irrespective of which is their mother tongue) and provide enough hints to identify (or narrow down) what kind of language influences this individual has.

Nicholas Doerner – “The great casino heist: key takeaways from my first big social engineering engagement”
This is your first big social engineering engagement. The target, a casino. You have been given free rein to do just about anything you can dream of to get access to secure areas, systems, and anything juicy that someone may want to walk out with. The only off-limits areas are the cash rooms and the main vault. What do you do? A combination of OSINT and social engineering can get you anywhere you need to go if executed properly and there may be some things even more valuable than a vault in the less traveled areas within the casino. This talk will explore the approach taken in this situation including the critical successes (and failures) that led to the overall outcome of the engagement. These key takeaways are useful in learning what works well and what doesn’t in certain environments for those new to social engineering from both an offensive and defensive standpoint. In this talk we will examine the approaches used with OSINT gathering, phishing, vishing, and on-site social engineering to see the full picture of events that led to the final result. A few small changes in any of these areas may have led to a much different outcome.

Michele Stuart – “Peek a Boo – I See You or OSINT for Tactical Investigations”
The internet provides investigators with the ability to ascertain information on subjects efficiently. Focusing on the individual(s) is not always the answer. Identifying actionable intelligence is an extremely important aspect in research to assist in the identification, movement, business associations, relatives, addresses / telephone numbers of individuals. Additionally, correct searches of social media platforms can assist in identifying suspects and witnesses in an investigation. In this class, you will learn how to utilize correct search patterns and open sources for social media platforms.

Mishaal Khan – “Pivot, Pivot, Pivot!”
The presentation walks through the process live, from beginning to end, on how an investigator would take 1 or 2 pieces of “seed” information about a target and build an entire mind map of information. While the demo will show some basic OSINT techniques, it will primarily focus on the process and advanced techniques to obtain and verify information on an asset or person of interest. Techniques used by hackers will be incorporated for advanced techniques that may include Kali Linux, cracking, URL manipulation, automation, scraping, breached data, and public government records. Experience, intuition and knowledge in OSINT will all be displayed and talked about throughout the live demo.

Perry Carpenter – “The Psychology of Attack and Defense”
Discover the art and science behind deception, and why you may still fall for dirty tricks even after you understand how they work. From the sleight-of-hand used by magicians, to the sleight-of-tongue used by politicians, we are all wired to deceive and to be deceived. See how threat actors use these techniques against your end-users and how security awareness training can help them spot deceptions before it’s too late. Join well-known security and deception researcher Perry Carpenter as he shows you how easily we can be deceived and how that relates to our understanding of social engineering scams, disinformation campaigns, and more.

Rae Baker – “Illuminating Maritime Supply Chain Threats using OSINT: A Suez Canal Post Mortem”
What if, by using OSINT, the Evergreen container ship becoming lodged in the Suez Canal could have been predicted or even prevented? This talk will walk through the events leading up to and during the Suez Canal disaster including potential supply chain threats and possible outcomes. We will attempt to answer the question “How can we as OSINT analysts provide actionable intelligence that may prevent a large ship like the Evergreen from a similar fate?”

Ursula Cowan – “Social Engineering the Interview”
Ever get completely flustered when it’s time for the interview portion of job seeking? Do you think that because you are introverted you can’t use social engineering to help not only better deal with any social anxiety you might have, but also to help the presenters get to know the real you? Are you extroverted but yet still get nervous when faced with the possibility of a shiny new job prospect? In this presentation, participants will learn how to apply social engineering principles to help further their chances at a successful interview. We will discuss the psychology principles that are behind the social engineering principles we will use and practical, actionable steps to making both you and the interviewer feel more comfortable, get to know a bit about each other, and potentially start you on the road. Participants will leave here with tools to immediately go into an interview and show their best selves.

Zlata Pavlova & Rob CurtinSeufert – “Recon Done Right – Physical Edition”
Have you ever walked through a swamp at 3 am? Have you driven around blocks trying to mark what cars are located in the parking lot? Have you sat in the reeds taking pictures of cameras and doors? Have you spent so much time doing OSINT that your eyes cross? If you answered yes to at least 2 of these questions – you must be a physical Penetration Tester. In this talk, we will share tips and tricks of our tradecraft with you. We discuss our preparation, mindset, load-out, and execution methods that work for us. We will do a deep dive into the three most important aspects to us: preparation, reconnaissance, and planning. We will cover our 5-phase approach to a physical penetration test (Digital Recon (OSINT), Physical Recon, Analysis and Planning, Breach and Site Exploitation), when and where social engineering should be used and why, and how to plan and be prepared for unseen circumstances by accounting for multiple unique variables. With our methodology, if the Recon, Analysis, and Planning are done correctly, the Breach and Site Exploitation should be less than 10 percent of the work. Come join us as we discuss how and why this is and learn from our mistakes and our successes.

Brandon Becker – “Pattern Interrupts in Social Engineering”
Pattern interrupt techniques have been a mainstay of hypnosis for over fifty years and a staple of con-artistry for centuries longer. These techniques can be easily learned and implemented to induce a state of confusion that leaves the target temporarily suggestible. Social engineers can exploit this to bypass the critical thinking of a human target or barrier. Human beings have thousands of automatic behavior patterns that are executed as complete behaviors. For example, a handshake has many components: initial visual/verbal contact, first extended hand, meeting that hand with one’s own, shaking up and down, then releasing. If any part of that pattern is interrupted, the brain becomes confused. Confusion is an uncomfortable emotion and an incredibly resource-intensive state. It overtakes other thought processes until the confusion can be ended, performing a trans-derivational search for the meaning behind the interruption. This all happens in mere seconds. After that, the person may ask questions in order to end the confusion if they have not found a sufficient answer internally. In those few seconds of confusion the social engineer can direct the target to a new thought and their brain will be much more likely to accept this redirection in order to end the confusion state.

Matt Malone – “From the Dumpsters to the Front Page”
Human nature overrules security controls without training every time. Many elements can contribute to the vulnerability of your organization; however, none is more prevalent than the human factor and optimistic bias. A large issue facing all industry as it relates to security is its misguided faith in technology that either does not exist or does not work as configured. We must all take back responsibility and quit assuming someone must be on watch as we all lay sleeping. While dumpster diving, I have found numerous company records, private data, even classified missile guidance system documents on a flash drive, all discarded in the trash. We will explore human nature and the hard-to-believe truths about where our data ends up and how it can cripple your company. One man’s trash is another man’s information goldmine.

Samantha Gamble – “The Innocent Lives Foundation’s Method of OSINT”

Dr. Ryan Louie – “#Psybersecurity: The Signs and Symptoms of a Mental Health Attack Surface”
Mental health has become well-known as a critical component to cybersecurity, both for individuals and organizations. However, there is an emerging question that goes beyond awareness of mental health, and asks: can mental health be clinically exploited by cyberattackers? This presentation will introduce and explain to the audience the features of a mental health attack surface. The audience will learn how to recognize signs and symptoms. There will be 2 clinical exploit vignette examples provided: Major Depressive Disorder and Generalized Anxiety Disorder. The audience will obtain knowledge and gain fluency about the mental health attack surface, and learn ways to build a mental health safety plan as part of a security framework.

Roelof Temmingh – “Hoarding the web: Capturing information in 2021”
The web has evolved from long loading pages to AJAX to even more sectionalized stuff, and tooling just hasn’t really kept up. Vortimo is (yet unreleased; always ready soon) free software that is used during online investigations to record, augment, recall, scrape, enrich, report and find web pages you’ve seen before. In this presentation we will focus on a single aspect of Vortimo – the capturing system. On the surface it appears to be the most mundane part of the tool, but it’s really where some of the more interesting innovations were made. Once you can reliably capture web pages – the rest, while flashy, is a lot easier. Our lawyers advised against presenting trade secrets on a public forum, but blah blah, we figure there are many other secrets still left for us to discover.

Erika Sonntag – “No1Slav: Dark Web Identity Resolution”
Dark Web users strive to maintain anonymity through various tools and tactics; however, Dark Web OSINT still presents opportunities for analysis and exploitation. By leveraging multiple OSINT sources and pivoting between the Dark and Open Web, Bluestone Analytics analysts linked a Dark Web user promoting disinformation with a real-world identity. Presented as a case study with some bizarre twists, including an avian enthusiast forum, this talk details the TTPs used to provide likely online identity resolution of a Tor pastebin user going by the moniker “No1Slav.”