Penetration testing with social engineering

Henrich Slezak

Security Auditor and IT Security Consultant | LIFARS

This training and workshop focus on the planning, preparation, implementation and evaluation of security testing using social engineering to identify and address security vulnerabilities. From the initial contact with the client, through the test planning, execution of OSINT, preparation of tools, all the way to the delivery of the payload to the target and testing evaluation. All phases of testing from a theoretical and practical point of view, along with demonstrations of work with various tools and tips on how to increase the success of your ethical attacks.

Content

1. Introduction to offensive security and social engineering

• Role of social engineering in offensive security engagements. Main principles, techniques and ethics.

2. Types of attacks

• Types of attacks using social engineering with focus on phishing techniques.

3. Recon / OSINT

• How to perform recon on the organization. Which tools are penetration testers using when performing recon not only for spear-phishing campaigns.
• How to choose the email addresses and which domain to buy.

4. Weaponization / Preparation

• Choosing the phishing framework, in our case (Gophish). Setting up the email server (Mailserver), tweaking a lot of stuff (SSL/TLS certificates, SPF, DKIM, DMARC, and recompiling Gophish to strip of transparency headers).
• Which payload to choose – Link to a website or document Word Documents, Excel sheet, etc?

5. Delivery / Exploitation

• Setting up a campaign, preparing email body, feeding groups of recipients in Gophish. Is the organization using any email protection or sandbox?

6. Installation / Command & Control

• Review of latest public phishing campaigns and their payloads.

7. Evaluation and reporting

• Focus on interpreting the results of the finished campaign. Identifying if the emails were open, if the link was visited, etc. Tips & Tricks on how to identify and fingerprint visitors.