Christopher Hadnagy
Christopher James Hadnagy is an American security consultant, author, and professional social engineer. He is in the field of social engineering (SE) and authored a book called Social Engineering: The Art of Human Hacking.[1]
Professional SE career
Hadnagy began his technical career with his own business, AREESA Computers.
Hadnagy worked with the team that created BackTrack (now Kali).
Hadnagy has presented and trained at events such as RSA,[2] Black Hat,[3] ISSA[4] and given various presentations for corporate and government clients.
Hadnagy holds certifications as an Offensive Security Certified Professional (OSCP) and an Offensive Security Wireless Professional (OSWP).[5]
History with DEF CON
At DEF CON 17 Hadnagy was approached to help start a Social Engineering contest for the popular hacking conference, DEF CON.
Hadnagy founded the Social Engineering Capture the Flag (SECTF[6]) competition. Ethical conduct is strictly enforced and personal/financial information is not allowed to be targeted.[7] Businesses and government agencies initially raised concern regarding the type of information that would be gathered and the methods that would be employed to collect it, however, after four years this has diminished.[8]
The contest is broken down into two sections: first, information gathering and planning attack vectors in the month before DEF CON and second, a public execution of a vishing attack in the SEVillage at DEF CON.[9] A competition report is released each year which many businesses utilize to help improve their security awareness programs.[10] The SECTF has also researched and reported on the topics of gender in the SE field, which industries are most susceptible to SE attacks, and improvements that have been seen in companies successfully targeted in previous years.
At DEF CON 18 Hadnagy and crew launched the first SECTF and became the first contest to receive a black badge its first year.[11] Each year the contest has grown in popularity and size.[12]
In 2011, Hadnagy developed SECTF4Kids for DEF CON 19 with the stated intention of teaching younger generations social engineering skills [13] In 2014 the SECTF4Kids was made an official DEF CON event rather than one of the kids' events.[14]
References
- ↑ Chereshnev, Evgeny. "The Best-Selling Books on Security from RSA 2014". KaperskyLab Daily. Retrieved June 6, 2017.
- ↑ "Christopher Hadnagy | RSA Conference". RSA. Retrieved June 4, 2014.
- ↑ BlackHat https://www.blackhat.com/html/bh-us-12/training/courses/bh-us-12-training_social-engineering.html. Retrieved June 4, 2014. Missing or empty
|title=(help) - ↑ "8th Annual Charlotte ISSA Security Summit". ISSA Charlotte Metro. Retrieved 22 July 2014.
- ↑ "Social-Engineer, Inc. _About page". Social-Engineer, Inc. Retrieved 4 May 2015.
- ↑ "CTF Archives - Security Through Education". Security Through Education. Retrieved 2017-01-10.
- ↑ "Social-Engineer.Org CTF Update – Awareness Abounds". Security through Education. July 21, 2010. Retrieved 25 July 2014.
- ↑ Jackson Higgins, K. (6/4/2010). "Defcon To Host 'Capture The Flag' Social Engineering Contest No unethical activities or 'damage' to targeted companies or people allowed". InformationWeek: DARKreading. Retrieved 25 July 2014. Check date values in:
|date=(help) - ↑ "The Social Engineering CTF – How Strong is Your Schmooze". Security through Education. Retrieved 25 July 2014.
- ↑ "You searched for SECTF Report - Security Through Education". Security Through Education. Retrieved 2017-01-10.
- ↑ "Social-Engineer Breaks a Defcon Record - Security Through Education". Security Through Education. 2010-08-04. Retrieved 2017-01-10.
- ↑ Smith, Mrs. "Social engineer tag teams to capture the flags at Def Con 22 contest". NetworkWorld. Retrieved 4 May 2015.
- ↑ "What the SECTF4Kids is All About". Security through Education. Retrieved 25 July 2014.
- ↑ "Kids To Hack Corporate Crime Caper Case At DEF CON". InformationWeekly: DARKreading. Retrieved 25 July 2014.