Penetration testing with social engineering
2 December 2020
This training and workshop focus on the planning, preparation, implementation and evaluation of security testing using social engineering to identify and address security vulnerabilities. From the initial contact with the client, through the test planning, execution of OSINT, preparation of tools, all the way to the delivery of the payload to the target and testing evaluation. All phases of testing from a theoretical and practical point of view, along with demonstrations of work with various tools and tips on how to increase the success of your ethical attacks.
Introduction to offensive security and social engineering
Types of attacks
Weaponization / Preparation
Delivery / Exploitation
Installation / Command & Control
Evaluation and reporting
Workshop is part of QuBit Conference Belgrade 2020.
Security Auditor and IT Security Consultant, LIFARS LLC
Henrich Slezak – CISA, is a Security Auditor and IT Security Consultant at LIFARS LLC. He is focused mainly on GRC, information security management, security auditing and risk management. Henrich has more than 10 years of experience in information security and started as a member of the analytical department of an EU country governmental CSIRT team.
He was responsible for information security auditing and implementation, development of security policies, procedures, and operational materials. He also participated in trainings and raising awareness of the CSIRT’s constituency. Additionally, he was involved in various incident response engagements as a team member, incident response manager, and incident response facilitator.
Penetration tester, LIFARS LLC
Milan Kyselica is working as part of a penetration testing team. His main focus is on Red Teaming, Vulnerability Assessment and web application security testing. Milan’s previous positions as a penetration tester at Computer Security Incident Response Team Slovakia – CSIRT, Nethemba and others, have given him experience in mobile, web-based application and internal network penetration testing. With his dedication and knowledge in the information security field, he has great experience in Responsible Disclosure, Bug Bounties and different contests.