The Nihilist’s Guide to Wrecking Humans and Systems
Category: Exploit Research
Summary: Many can identify the soft, fallible bundle of meat and love that is a human. Humans can be found in their natural habitat milling around at the fuzzy edges of unsuspecting computer systems. Let’s go on a safari through benefits and healthcare systems, well-meaning information security departments and warm-hearted technical support agents as we explore the unexpected effectiveness of combining technical penetration testing with social engineering of our warm-blooded friends.
Together, we will see how social engineering can be used in conjunction with offensive technical attacks to create destructive attack chains and share some real world scenarios. I show how innocent pretexts can lead to complete network compromise and RCE on production servers, why combining attack chains is effective and why social engineering awareness training is NOT the solution you need.
Not every talk has to be a deep dive into maneuvering the mangled heap overflow structures to get control of a bit here or a bit there. Let me help you get your shells faster.