Layer 8 Podcast

For this episode, we welcome Marina Ciavatta, the journalist turned social engineer, from Brazil. Marina describes her first physical social engineering engagement where she will tell us how she successfully bypassed biometrics and how people will willingly give you more information if you just ask. You can find Marina on Twitter at: @MarinaCiavatta

For this episode, we welcome Wondersmith Rae, a professional OSINT investigator who tells us the story of an online puppy scam. This is a story where pulling on one thread of information seemed to lead down varying paths and exposing additional interesting areas to investigate. She and @Tokyo_v2 also wrote a blog post on Medium.com about her investigation titled “Anatomy of a Puppy Scam, Part 1, Meet Layla” where you can find even more details. You can find her on twitter at @Wondersmith_Rae

For this episode, we welcome Deveeshree Nayak, an educationalist and information security professional where she tells us about how she was able to find weaknesses in Facebook for gathering information on friends of friends, which eventually led to the company inviting her to Defcon. You can find Deveeshree on LinkedIn.

For this episode, we welcome Robby Stewart, a social engineer and pentester at Rapid7. Robby tells us about a story that we don’t hear that often from social engineers...failure. He explains why some might consider his test a failure and why some would call it a success. You can find Robby on Twitter at @RizzyRong.

For this episode, we welcome Robby Stewart, a social engineer and pentester at Rapid7. Robby takes us through the first social engineering engagement and the various decisions he needed to make along the way. He also explains how a good social engineer can really take advantage of people’s assumptions and their trust. You can find Robby on twitter at @RizzyRong

For this episode, we have Matthias Wilson, also known as MwOsint on twitter and owner of the https://keyfindings.blog site. Matthias is in Germany where the default is to trust no one and privacy is the utmost concern. Matthias takes us through how he was able to combine social engineering and OSINT to find out if a given business address was legit, or something a little more shady. 

For this episode, we have Steve Laura, a social engineer and pentester for Blue Cross Blue Shield. On this longer episode, he takes through the recon, the initial access, his thought process along the way and how he dealt with employees on the lookout for a pentester trying to get into their building! You can find Steve on twitter at Steven1669.

For this episode, we have Katelyn Bowden, CEO of the BADASS Army, a non-profit organization dedicated to providing support to victims of revenge porn and image abuse. Katelyn tells us about her first experience with OSINT. A personal experience that involved some social engineering to drum up some small town drama and how a machine gun was the one piece of information that got Katelyn the goods. You can find Katelyn on twitter at BadassBowden.

For this episode, we have Katelyn Bowden, CEO of the BADASS Army, a non-profit organization dedicated to providing support to victims of revenge porn and image abuse. Katelyn tells us about how her organization works and how her experience with a siren, and how one guy’s desire for Funko Pops ended up being his downfall in the world of trading nude images. You can find Katelyn on Twitter at BadassBowden.

For our first episode, we have Trevor O’Donnal from Rapid7. Trevor tells us about a particularly difficult social engineering engagement where he needed to engage staff through phone calls. But it was a small company, everyone knows each other and sits near each other. Let’s hear Trevor tell us how he used good reconnaissance to build rapport and get people talking. You can find Trevor on Twitter at todonnal.