No announcement yet.

Rouge's Village at DEF CON 27

  • Filter
  • Time
  • Show
Clear All
new posts

  • Rouge's Village at DEF CON 27

    Rouge's Village

    The Rogue’s Village views SE through a wider lens, focusing on “physical SE”: skills, tools, and alternative techniques a Social Engineer may use in the field.

    Expanding on established SE methodology (which would be the Social Engineering Village’s arena), the Rogue’s Village will draw on Brian Brushwood’s experiences on the Scam School and Modern Rogue series and the Four Suits team’s performance experience to present unique talks and experiences to expand the field of SE and 'psychical SE' techniques.

    1. Verbal Steganographic Communication
    Zac ‘n Jax from the Four Suits team present a talk (and demonstration) of live, verbal stenographic communication. Boiled down to its simplest form, this encompasses all the ways for two or more people to secretly communicate without the aid of any electronic devices. This includes physical and verbal codes, as well as memory systems and shortcuts that allow large amounts of information to be remembered and transferred from person to person. This talk will cover the history of techniques like this (which originate in the spiritualist movement and stage magic of the 1800s) as well as potential SE use cases, such as: providing assistance in second-member infiltration scenarios, executing implied-authority self-spoofed phone calls, and overcoming on-the-spot team social credential checks.

    2. Physical Elements in SE Approaches
    Shwood presents Modern Rogue concepts emphasizing the role of physical props in cons and SE approaches. This will include everything from regular life uses (using a Get Out of Jail Free card to convince a cop not to ticket) as well as more offensive-oriented scenarios (the power a yellow reflective vest can have, uses for self-spoofing phone calls (receiving fake calls from recognized authorities), etc).

    3. Pick-Pocketing as SE Utility
    James Harrison presents a demonstration of simple pick-pocketing techniques, then a discussion of pick-pocketing (and put-pocketing) as a tool within the world of SE. It can be useful not only for gaining access to a physical space by acquiring keys or credentials, but also for creating pretexts for interaction (“miss, you seem to have dropped your wallet…” or allowing you to buzz someone in because they “lost” their ID, thus predisposing them to reciprocate by vouching for you later), and gathering information (stealing planners, notes, etc). Additionally a discussion of put-pocketing as a tool. You can intentionally cause someone to set off a metal detector or other sensor, plant a tracker, listening device, card cloner, etc.
    PGP Key:

  • #2
    For up-to-date info on the Rogues Village, or for any questions, you can you check out our Twitter @RoguesVillage ( or our webpage (