Hackfest Social-Engineering Contest 2023

Prove that you can social-engineer anyone in English or French.

Get in a booth in front of a crowd, do a phone call to a known company, gather multiple flag by only asking them question by voice… and win!

What is Hackfest Social-Engineering Contest?

A social engineering contest by telephone where the participant must obtain privileged information via engineering discussion techniques. The goal is to get an X number of information and the best wins!

Funny, interesting and stressful, will you be up to it?

Village scheduled talks

Day Time Title
Friday 3pm Let’s build a social engineering attack
Saturday 10am OSINT for social engineering

Registration & Form

  • Call for Participants: PDF
  • Call for Crew: PDF

  • Register

  • Send your registration details by email (Step 1 of the CFP) to:
    shane @ hackfest.ca

Rules

Prizes

  • 1st place winner gets an Hackfest Black coin!
  • More detail soon!

Results 2019

Who was a target ?

  • 3M
  • Loblaw
  • CN
  • Irving Oil
  • L’Oreal
  • Ceridian

Statistics

  • 321 calls over two days; totaling 12.5 hours
  • 66% of companies revealed detailed information (compared to 87.5% in the event’s first running in 2017):
    • operating system
    • email client version
    • anti-virus
    • internet browser
    • told us they were blocked from accessing USB
    • went to a website address given to them by their caller (50% in 2017)
  • 100% of all targets gave out information detailing their video surveillance systems (a worsening from the 63% in 2017)
  • 50% shut down attackers!!!
  • Some gave information after saying they were concerned