Social engineers and OSINT investigators always seem to have a great story. And you can hear many of those stories through their presentations at the Layer 8 Conference in Providence, RI in June. But not every story can fill a whole presentation and not all storytellers can get to the conference, which brings us here. This podcast will only be stories, told by the investigators themselves. No interviews, no slides, just stories. Some might be as short as five minutes, some may even go for 45 minutes. We hope you’ll enjoy them.
Where to listen
Marina Ciavatta - Tropical Spy: Stories And Tricks From Social Engineering
For this episode, we welcome Joe Gray, a senior OSINT specialist at QOMPLX, a frequent public speaker at conferences and trainer of OSINT and social engineering. Joe joins us to tell us how he got into the field and how he got to where he is today. He also tells a second story about a particular phishing engagement where a senior manager built him up as someone who was unstoppable. But was he? Let him tell you how that went.
For this episode, we veer off course again. This time, to talk with Brent White and Tim Roberts from NTT Security and their own site wehackpeople.com. One day, Brent asked on twitter what types of things people would want to know about social engineering and he got some great questions. I asked and he and Tim agreed to answer those questions on this podcast. Let’s hear their answers now.
For this episode, we talk with three expert social engineers from Rapid7. Leon Johnson, Aaron Herndon and Jonathan Stines will tell us about some of the best security they’ve seen, some of the worst, some of the tools they carry on an engagement and how they sleep at night, knowing it is their job to trick people.
For this episode, we welcome Josh Huff, but you might know him as BayWolf88 on Twitter. He is a member of the OSINTCurious Advisory board and runs the web site LearnAllTheThings.net. In his experience doing digital forensics, he learned how to best frame information for those who hired him, which also helps with his OSINT investigations. Plus, he talks about how he dabbles in social engineering!
For this episode, we have another Ask Me Anything treat for you. Today’s guests are four social engineers from TrustedSec. We’ll hear from David Boyd, Paul Koblitz, Scot Berner and Jason Lang. Let's talk about their favorite engagements, some times when things went well, and some engagements that didn’t go so well and how they handle the situation when an engagement goes upside down. We’ll hear of one time when a medical procedure almost went too far and plus some resources on how to get started in social engineering.
For this episode, we welcome Krittika Lalwaney. Krittika is a red teamer on the offensive security team for Capital One. She is a social engineering capture the flag black badge winner at DerbyCon in 2018. She takes us through her career path, where she started, which was not in IT, to eventually joining a SOC, catching a red teamer due to her awareness, all the way to her successes of today. This is a story of one woman’s domination in a male dominated field. Take it away Krittika!
For this episode, we welcome Tracy Z. Maleeff, also known as InfosecSherpa. He has a blog set up at medium.com/@infosecsherpa and a newsletter at nuzzel.com/infosecsherpa. Tracy harkens us back to her presentation from Layer 8 Conference last year titled Lawyers, Guns and Money where she showed us great sources of OSINT research. Today, she gives us even more sources to search and explains how at the heart of it, security is a people problem so let’s also focus on interpersonal communications.
For this episode, we break our format again and interview two OSINT experts, Francesco Poldi and Jason Edison. Also known as @NonePrivacy and @Ding0snax on Twitter. These two are commonly found sharing information on the https://osint.team server. In this “Ask Me Anything” find out their thoughts on an OSINT mindset, some investigations they have dug in to, what gets them excited and how you can also be a better OSINT investigator.
For this episode, we welcome Amanda Berlin of Blumira. She is also the CEO of the non-profit organization Mental Health Hackers, and can be found on twitter at InfoSystir. Today, she tells us about a romance scam where she helped a friend finally understand she was being duped, and explains how these work, plus she’ll tell us a little bit about a fifteen thousand dollar teddy bear.
For this episode, we welcome Derrick Levasseur, winner of Big Brother season 16, host of the Discovery ID tv show Breaking Homicide and the author of the best selling book, Undercover Edge, which helps you find your strengths and gain confidence to win in all situations. Derrick tells us the story about the first time he went undercover as a police officer and the methods he used to quickly gain the trust of a university drug dealer over a few games of pool that eventually led to a bust.
For this episode, we welcome Adam Compton, a pentester and social engineer for TrustedSec. You can also meet TrustedSec at the Layer 8 Conference, and you can find Adam on twitter at Tatanus. Adam talks about the various ways and methods that he was able to successfully test the physical security of a health care facility, using the remnants of a Big Gulp and a ladder in the snow, as well as simply asking for a tour.
For this episode, we welcome Ritu Gill, also known as OSINTTechniques on twitter and at osinttechniques.com. First, Ritu helps us to understand the differences between intelligence and data. Then she takes us through some examples of combinations of OSINT and social engineering. In one such example, she finds a way to get a target to reveal his real name on Facebook. She also tells us about canary tokens and phone spoofing.
For this episode, we welcome Jayson E. Street, VP at SphereNY and will be teaching a two-day course at Blackhat titled “Access Denied - Social Engineering Detection and Incident Response”. Jayson tells us about a huge success for him, getting caught. Physical social engineers are often able to breach a company’s physical defenses, but are we teaching the client how to improve? Jayson proudly tells us about one incredible success story.
For this episode, we welcome Christina Lekati, a social engineer and psychologist for Cyber Risk Gmbh in Switzerland. You can find her on twitter at ChristinaLekati. Christina was tasked with confirming one client’s suspicions that their employee was stealing information from them. In this story, you’ll hear that the target had no idea what was coming for him once Christina got started.
Warning: Some language used is NSFW or children.
For this episode, we break our format. Usually, we have a social engineer or OSINT investigator on to walk us through a great story, a fun engagement or the methodology of an investigation. On this episode, we welcome two extremely accomplished social engineers, Snow and TinkerSec to just chat, answer a few questions, give opinions and recount a lot of fun stories. You can find them on Twitter at @_sn0ww and @TinkerSec.
In this episode, Snow mentions her Full Scope Social Engineering class being taught at BlackHat USA. You can find out more about that class here: https://www.blackhat.com/us-19/training/schedule/index.html#full-scope-social-engineering-and-physical-security-14232
For this episode, we welcome Julie Clegg, the OSINT expert on the United Kingdom-based television show "Hunted". Julie is also putting together OSINT2020, an event where OSINT investigators can come together and talk about the future of investigations. You can find out more at OSINT2020.com. Julie talks with us about her five favorite events that happened on Hunted but you didn’t get to see on television. She talks about various activities by the hunters and some pranks that the hunters and hunted played on each other. You can contact Julie on Twitter at @HuntedJulie
For this episode, we welcome Cat Murdock, a security consultant and social engineer from Guidepoint Security. You can find Cat on Twitter at CatMurd0ck. While most of our episodes are safe for work, this one has a few words mixed in that you might not want children to hear. Cat takes us through some of her social engineering encounters, explains why snacks and bathroom breaks are important and why the names on paperwork are very important.
For this episode, we welcome Nico Dekins, also known as Dutch OSINT Guy and a co-host of the OSINT Curious podcast. You can find Nico on Twitter at Dutch_OSINTGuy. Law enforcement officials in the Netherlands asked him to confirm whether a potential Jihadi’s threats were credible. They only gave him a first name and minimal other information. Find out how Nico went through his methodology to get the confirmation they needed.
For this episode, we welcome Alethe Denis, the founder of Dragonfly Security and the reigning champion of the Defcon social engineering capture the flag competition. This is Alethe’s story of where she came from, how she was always a social engineer from childhood and also how words from Lady Gaga turned her life around. She tells us how we can social engineer ourselves to move in a positive direction.
For this episode, we welcome Keith Cox, a social engineer and pentester from Rapid7. Keith takes us through a recent vishing engagement and he tells us how sometimes you can learn from the initial calls you make to drastically change your pretext and how it worked for him. Keith also describes how he got to flip the script a little and help his mentor fine tune his own social engineering skills.
For this episode, we welcome Kirby Plessas, host of the OSINT curious podcast. She is the founder and CEO of the Plessas Experts Network, found at plessas.net where you can find online training about how to perform OSINT investigations. Kirby tells us how she was able to track down a hacker, simply because someone wished him happy birthday.
For this episode, we welcome Marina Ciavatta, the journalist turned social engineer, from Brazil. Marina describes her first physical social engineering engagement where she will tell us how she successfully bypassed biometrics and how people will willingly give you more information if you just ask.
You can find Marina on Twitter at: @MarinaCiavatta
For this episode, we welcome Wondersmith Rae, a professional OSINT investigator who tells us the story of an online puppy scam. This is a story where pulling on one thread of information seemed to lead down varying paths and exposing additional interesting areas to investigate. She and @Tokyo_v2 also wrote a blog post on Medium.com about her investigation titled “Anatomy of a Puppy Scam, Part 1, Meet Layla” where you can find even more details.
You can find her on twitter at @Wondersmith_Rae
For this episode, we welcome Deveeshree Nayak, an educationalist and information security professional where she tells us about how she was able to find weaknesses in Facebook for gathering information on friends of friends, which eventually led to the company inviting her to Defcon.
You can find Deveeshree on LinkedIn.
For this episode, we welcome Robby Stewart, a social engineer and pentester at Rapid7. Robby tells us about a story that we don’t hear that often from social engineers...failure. He explains why some might consider his test a failure and why some would call it a success.
You can find Robby on Twitter at @RizzyRong.
For this episode, we welcome Robby Stewart, a social engineer and pentester at Rapid7. Robby takes us through the first social engineering engagement and the various decisions he needed to make along the way. He also explains how a good social engineer can really take advantage of people’s assumptions and their trust.
You can find Robby on twitter at @RizzyRong
For this episode, we have Matthias Wilson, also known as MwOsint on twitter and owner of the https://keyfindings.blog site. Matthias is in Germany where the default is to trust no one and privacy is the utmost concern. Matthias takes us through how he was able to combine social engineering and OSINT to find out if a given business address was legit, or something a little more shady.
For this episode, we have Steve Laura, a social engineer and pentester for Blue Cross Blue Shield. On this longer episode, he takes through the recon, the initial access, his thought process along the way and how he dealt with employees on the lookout for a pentester trying to get into their building!
You can find Steve on twitter at Steven1669.
For this episode, we have Katelyn Bowden, CEO of the BADASS Army, a non-profit organization dedicated to providing support to victims of revenge porn and image abuse. Katelyn tells us about her first experience with OSINT. A personal experience that involved some social engineering to drum up some small town drama and how a machine gun was the one piece of information that got Katelyn the goods.
You can find Katelyn on twitter at BadassBowden.
For this episode, we have Katelyn Bowden, CEO of the BADASS Army, a non-profit organization dedicated to providing support to victims of revenge porn and image abuse. Katelyn tells us about how her organization works and how her experience with a siren, and how one guy’s desire for Funko Pops ended up being his downfall in the world of trading nude images.
You can find Katelyn on Twitter at BadassBowden.
For our first episode, we have Trevor O’Donnal from Rapid7. Trevor tells us about a particularly difficult social engineering engagement where he needed to engage staff through phone calls. But it was a small company, everyone knows each other and sits near each other. Let’s hear Trevor tell us how he used good reconnaissance to build rapport and get people talking.
You can find Trevor on Twitter at todonnal.