Purplecon 2019 bl3ep, a novice red teamer's guide to self help, https://purplecon.nz/talks#bl3ep, not streamed
advice and learnings from a newbie's first year: how to get better hacking yourself, hacking others, and defence against the se arts.
- mh – stress? say “I'm excited” and hack your own response system
- mh – visualise the stressful activity in details first, going well
- social engineering attacks are a good exercise for general non-IT staff
- Validate the request. Call back. Don't “reply”. Don't leak PII by being helpful. Use a different channel for validation