10-11, 14:30–14:50 (America/New_York), Social Engineering CTF (204)
Language: English
In this eye-opening talk, we'll explore how Open Source Intelligence (OSINT) is becoming "shockingly easy" with the rise of AI tools. What once took hours or even days of meticulous research can now be accomplished in seconds. With just a few simple prompts, anyone can uncover a company's most sensitive information—like the location of its data centers or the addresses of its offices. Is this an opportunity or a risk? Join us to discover the implications of AI-powered OSINT, how it impacts cybersecurity, and what you can do to protect your organization from this growing threat.
We can now leverage ChatGPT to increase attack efficiency at an alarming rate. In this demo we will attempt to fill out the flags required for the HackFest SECTF, and see just how devastatingly effective AI can be in footprinting an organization. See how everything from physical security to network appliances can be inventoried, giving an attacker a more focused target, all without sending a single packet to the target's network. We will also demonstrate how using certain verbiage can return better results.
Shane is a Canadian information security researcher, speaker, educator, and professional shit disturber. He has been in infosec since 1989, and is a two time winner of the DEF CON SECTF black badge. He organizes and runs the HackFest SECTF. He has presented talks or training internationally, at events ranging from BlackHat to DEF CON.