Layer 8 Podcast

Layer 8 Podcast

anchor.fm/layer-8-podcast
Social engineers and OSINT investigators always seem to have a great story. And you can hear many of those stories through their presentations at the Layer 8 Conference in Providence, RI in June. But not every story can fill a whole presentation and not all storytellers can get to the conference, which brings us here. This podcast will only be stories, told by the investigators themselves. No interviews, no slides, just stories. Some might be as short as five minutes, some may even go for 45 minutes. We hope you’ll enjoy them.


Marina Ciavatta - Tropical Spy: Stories And Tricks From Social Engineering
Jun 29 • 43 min
Here is Marina’s presentation from the Layer 8 Conference. She did not want the video released but allowed for the audio.
31: Joe Gray - His Origins and a Phish
Jun 29 • 22 min
For this episode, we welcome Joe Gray, a senior OSINT specialist at QOMPLX, a frequent public speaker at conferences and trainer of OSINT and social engineering. Joe joins us to tell us how he got into the field and how he got to where he is today. He…
30: Brent White and Tim Roberts
Jun 22 • 51 min
For this episode, we veer off course again. This time, to talk with Brent White and Tim Roberts from NTT Security and their own site wehackpeople.com. One day, Brent asked on twitter what types of things people would want to know about social engineering…
29: Social Engineers from Rapid7
Jun 15 • 57 min
For this episode, we talk with three expert social engineers from Rapid7. Leon Johnson, Aaron Herndon and Jonathan Stines will tell us about some of the best security they’ve seen, some of the worst, some of the tools they carry on an engagement and how…
28: Josh (@Baywolf88) Huff
Jun 1 • 16 min
For this episode, we welcome Josh Huff, but you might know him as BayWolf88 on Twitter. He is a member of the OSINTCurious Advisory board and runs the web site LearnAllTheThings.net. In his experience doing digital forensics, he learned how to best frame…
27: TrustedSec Social Engineers Ask Me Anything
May 25 • 56 min
For this episode, we have another Ask Me Anything treat for you. Today’s guests are four social engineers from TrustedSec. We’ll hear from David Boyd, Paul Koblitz, Scot Berner and Jason Lang. Let’s talk about their favorite engagements, some times when…
26: Krittika Lalwaney - One Woman’s Domination in a Male Dominated Field
May 18 • 23 min
For this episode, we welcome Krittika Lalwaney. Krittika is a red teamer on the offensive security team for Capital One. She is a social engineering capture the flag black badge winner at DerbyCon in 2018. She takes us through her career path, where she…
25: Tracy Z. Maleeff, a.k.a. The InfoSecSherpa
May 11 • 53 min
For this episode, we welcome Tracy Z. Maleeff, also known as InfosecSherpa. He has a blog set up at medium.com/@infosecsherpa and a newsletter at nuzzel.com/infosecsherpa. Tracy harkens us back to her presentation from Layer 8 Conference last year titled…
24: OSINT AMA with Noneprivacy and Ding0snax
May 4 • 48 min
For this episode, we break our format again and interview two OSINT experts, Francesco Poldi and Jason Edison. Also known as @NonePrivacy and @Ding0snax on Twitter. These two are commonly found sharing information on the https://osint.team server. In this…
23: Amanda Berlin - The $15,000 Teddy Bear
Apr 27 • 12 min
For this episode, we welcome Amanda Berlin of Blumira. She is also the CEO of the non-profit organization Mental Health Hackers, and can be found on twitter at InfoSystir. Today, she tells us about a romance scam where she helped a friend finally…
22: Derrick Levasseur - Going to College…for the Bust
Apr 20 • 21 min
For this episode, we welcome Derrick Levasseur, winner of Big Brother season 16, host of the Discovery ID tv show Breaking Homicide and the author of the best selling book, Undercover Edge, which helps you find your strengths and gain confidence to win in…
21: Adam Compton - The Ladder and the Big Gulp
Apr 13 • 18 min
For this episode, we welcome Adam Compton, a pentester and social engineer for TrustedSec. You can also meet TrustedSec at the Layer 8 Conference, and you can find Adam on twitter at Tatanus. Adam talks about the various ways and methods that he was able…
20: Ritu Gill - Tips and Tricks from OSINTtechniques
Apr 6 • 11 min
For this episode, we welcome Ritu Gill, also known as OSINTTechniques on twitter and at osinttechniques.com. First, Ritu helps us to understand the differences between intelligence and data. Then she takes us through some examples of combinations of OSINT…
19: Jayson E. Street - “One of the Best Stories I Can Tell”
Mar 30 • 23 min
For this episode, we welcome Jayson E. Street, VP at SphereNY and will be teaching a two-day course at Blackhat titled “Access Denied - Social Engineering Detection and Incident Response”. Jayson tells us about a huge success for him, getting caught.…
18: Christina Lekati - They Never Saw Her Coming
Mar 23 • 21 min
For this episode, we welcome Christina Lekati, a social engineer and psychologist for Cyber Risk Gmbh in Switzerland. You can find her on twitter at ChristinaLekati. Christina was tasked with confirming one client’s suspicions that their employee was…
AMA with Snow and TinkerSec
Mar 19 • 72 min
Warning: Some language used is NSFW or children. For this episode, we break our format. Usually, we have a social engineer or OSINT investigator on to walk us through a great story, a fun engagement or the methodology of an investigation. On this episode,…
16: Julie Clegg - Top 5 Things Not Seen on Hunted
Mar 16 • 25 min
For this episode, we welcome Julie Clegg, the OSINT expert on the United Kingdom-based television show “Hunted”. Julie is also putting together OSINT2020, an event where OSINT investigators can come together and talk about the future of investigations.…
15: Cat Murdock - Know Your Name and Bring Snacks
Mar 9 • 42 min
For this episode, we welcome Cat Murdock, a security consultant and social engineer from Guidepoint Security. You can find Cat on Twitter at CatMurd0ck. While most of our episodes are safe for work, this one has a few words mixed in that you might not…
14: Dutch_OSINTGuy - Spot the Jihadi
Mar 2 • 17 min
For this episode, we welcome Nico Dekins, also known as Dutch OSINT Guy and a co-host of the OSINT Curious podcast. You can find Nico on Twitter at Dutch_OSINTGuy. Law enforcement officials in the Netherlands asked him to confirm whether a potential…
13: Alethe Denis - Social Engineer Your Own Brain
Feb 24 • 53 min
For this episode, we welcome Alethe Denis, the founder of Dragonfly Security and the reigning champion of the Defcon social engineering capture the flag competition. This is Alethe’s story of where she came from, how she was always a social engineer from…
12: Keith Cox - The Value of Flexibility During Vishing
Feb 17 • 47 min
For this episode, we welcome Keith Cox, a social engineer and pentester from Rapid7. Keith takes us through a recent vishing engagement and he tells us how sometimes you can learn from the initial calls you make to drastically change your pretext and how…
11: Kirby Plessas - Happy Birthday…or is it?
Feb 10 • 8 min
For this episode, we welcome Kirby Plessas, host of the OSINT curious podcast. She is the founder and CEO of the Plessas Experts Network, found at plessas.net where you can find online training about how to perform OSINT investigations. Kirby tells us how…
10: Marina Ciavatta - Just Ask For Feedback
Feb 3 • 47 min
For this episode, we welcome Marina Ciavatta, the journalist turned social engineer, from Brazil. Marina describes her first physical social engineering engagement where she will tell us how she successfully bypassed biometrics and how people will…
9: Wondersmith Rae - Unraveling an Online Puppy Scam
Jan 27 • 19 min
For this episode, we welcome Wondersmith Rae, a professional OSINT investigator who tells us the story of an online puppy scam. This is a story where pulling on one thread of information seemed to lead down varying paths and exposing additional…
8: Deveeshree Nayak - Turning a Facebook Feature into a Ticket to Defcon
Jan 22 • 7 min
For this episode, we welcome Deveeshree Nayak, an educationalist and information security professional where she tells us about how she was able to find weaknesses in Facebook for gathering information on friends of friends, which eventually led to the…
7: Robby Stewart - Sometimes the Client Wins
Jan 21 • 10 min
For this episode, we welcome Robby Stewart, a social engineer and pentester at Rapid7. Robby tells us about a story that we don’t hear that often from social engineers…failure. He explains why some might consider his test a failure and why some would call…
6: Robby Stewart - How a Social Engineer (Ab)uses Trust
Jan 20 • 7 min
For this episode, we welcome Robby Stewart, a social engineer and pentester at Rapid7. Robby takes us through the first social engineering engagement and the various decisions he needed to make along the way. He also explains how a good social engineer…
5: Matthias Wilson - Combining OSINT with SE in Germany
Jan 13 • 21 min
For this episode, we have Matthias Wilson, also known as MwOsint on twitter and owner of the https://keyfindings.blog site. Matthias is in Germany where the default is to trust no one and privacy is the utmost concern. Matthias takes us through how he was…
4: Steve Laura - A Full PSE Walkthrough
Jan 6 • 47 min
For this episode, we have Steve Laura, a social engineer and pentester for Blue Cross Blue Shield. On this longer episode, he takes through the recon, the initial access, his thought process along the way and how he dealt with employees on the lookout for…
3: Katelyn Bowden - Her First OSINT
Dec 30, 2019 • 10 min
For this episode, we have Katelyn Bowden, CEO of the BADASS Army, a non-profit organization dedicated to providing support to victims of revenge porn and image abuse. Katelyn tells us about her first experience with OSINT. A personal experience that…
2: Katelyn Bowden - Taking Down a Criminal
Dec 30, 2019 • 11 min
For this episode, we have Katelyn Bowden, CEO of the BADASS Army, a non-profit organization dedicated to providing support to victims of revenge porn and image abuse. Katelyn tells us about how her organization works and how her experience with a siren,…
1: Trevor O’Donnal - Rapport Building with Vishing
Dec 16, 2019 • 17 min
For our first episode, we have Trevor O’Donnal from Rapid7. Trevor tells us about a particularly difficult social engineering engagement where he needed to engage staff through phone calls. But it was a small company, everyone knows each other and sits…