Hack Space Con ‘24

This weekend, Jonathan Burstein had the pleasure of representing Vertek at Hack Space Con at Kennedy Space Center in Cape Canaveral, Florida. Hack Space Con is held annually and brings together everyone from prominent members of the infosec community to enthusiasts, students, and families. The event provides various ways for attendees to network with others in the industry, improve their skills through various CTFs and villages, and educate themselves on different areas of security from the many speakers who are invited to share their knowledge. The keynote speech was given by David Kennedy, founder of TrustedSec and Binary Defense, where he spoke on the state of the industry and what we can all do to make the world a safer place in cyber. Other notable talks included Jason Haddix of Arcanum Information Security on Red/Blue and Purple AI, where he showed how AI is currently being used on all sides of cybersecurity, and The Techromancers’ account of how he created BBOT, a powerful recursive scanning tool for enumeration during a penetration test.

Jonathan was asked to give a talk on modern social engineering tactics by a friend from college who was interested in the topic. Jonathan figured this would be an excellent way to educate himself on the topic as well as get his name out there in the industry and work collaboratively with his friend. Their talk started with the basics of social engineering, covering everything from OSINT to pretext development, all the way to report writing. They then delved into principles of influence such as authority and reciprocity and how attackers use these in both physical pen tests and phishing campaigns. The second half was all about modern tactics, with demonstrations of various phishing frameworks like Maxphisher, browser-in-the-browser phishing to simulate a Google sign-in page using HTML and using a Man in the Middle tool like Evilginx to not only phish your target for credentials but also bypass MFA by hijacking their session cookie.

Their talk went very smoothly. They were grateful for the opportunity they had been given as two recent college grads new to the industry to be able to showcase what they were interested in and grateful to their employers for believing in them and encouraging them to be passionate about cybersecurity and explore all its various avenues.