Yehia Mamdouh has 8+ years experience in penetration testing and security research field along with social engineer and physical assessment and now he is holding a position as a penetration tester specialist and security researcher @ DTS-Solution @ Dubai, he is the author of many tools like XSSYA V1-2 which has been added to many Linux Distro Like (Black-Arch – BigTrouq) and BetWorm, he was keynote speaker at many conferences like (Defcamp 2016 – QuBit 2016 – Middle East security summit 2015) – He got many certifications like (CCNA -CEH – VAPT on Android & IOS – Exploiting Web Applications with Samurai – Cyber Crime Investigation QCERT) -Bug-Hunter in his spare time and his name has been added to hall of fame of many websites.
PRESENTATION: Social Engineer – Advanced Preparations & Improvisation
Human is the weakest link in security. Yes, we know that that’s why we use social engineering in order to fix human vulnerabilities, and that requires some preparations to deceive people, in this talk we will learn What is the Advanced preparations that we should use in order to be legitimate? We will look to that advanced preparation by the eyes of normal people not the eyes of hackers. We know also that Social Engineer requires some reconnaissance to apply successful scenarios, but what if you have 0 information or no time for reconnaissance?
In this talk, we will learn how to improvise successful scenarios? What kind of knowledge should we have to increase our
capabilities in improvisation? Also, many companies apply mitigations against social engineering but they have been successfully attacked! We will know the mitigation gaps and how we are going to fix them?