Hackathon Showcase 1st Place Winner

TTO

Team consisting of Ten Twenty One Cloud Security Engineers skilled in AWS, Terraform, and Kubernetes, focused on building advanced AI agents for security automation.

2 members Watch Demo

YouTube Video

Project Description

Project Name: The Social Engineering Vishing Simulator

Project Description

The Problem: While companies train employees to spot phishing emails, they are defenseless against Vishing (Voice Phishing). Attackers now use Generative AI to clone specific voices—impersonating known colleagues or executives—to manipulate employees. Traditional training cannot simulate this high-pressure, deepfake reality.

The Solution & Core Flow: This project is an automated “Attacker Agent” that immunizes employees through realistic exposure therapy using custom voice cloning.

Trigger: An n8n workflow initiates the simulation based on a schedule.

Dynamic Context: n8n passes target data (e.g., {{victim_name}}, {{department}}) to the Agent.

The Deepfake: The Agent activates the “Alex” persona. Crucially, this uses a custom-trained ElevenLabs voice model (cloned from our own team’s voice) to demonstrate the terrifying realism of modern impersonation attacks.

The Interaction: The Agent follows a strict system prompt (“Stressed SysAdmin”) to handle objections and aggressively pressure the victim for a password.

Reporting: The outcome (Pass/Fail) is logged to the compliance database via n8n.

Judging Criteria Alignment

Working Prototype: The submission demonstrates a live end-to-end loop: n8n triggers the call, and the ElevenLabs custom voice model successfully speaks to the victim. The latency is low enough to hold a natural conversation, and the agent successfully logs the final result.

Technical Complexity & Integration: This project integrates Biometric Voice Cloning with LLM Logic.

Voice Cloning: We recorded and fine-tuned a custom voice model on ElevenLabs to replicate a specific human identity, rather than using a generic stock voice.

Prompt Logic: The agent utilizes a complex system prompt with behavioral guardrails (e.g., “ID 4492-B”) and dynamic variable injection ({{victim_name}}) to maintain context.

Orchestration: n8n acts as the nervous system, bridging the AI, the telephony provider (Twilio), and the database.

Innovation & Creativity: Most security training is passive (videos/quizzes). This is active, adversarial training. By cloning our own voice, we demonstrate “Spear Vishing”—attacks where the hacker sounds exactly like someone the victim knows and trusts. We are using the attacker’s weapon (Deepfakes) as a defensive educational tool.

Real-World Impact: This tool directly mitigates the risk of deepfake fraud. By exposing employees to a simulation where the “attacker” sounds like their actual boss or coworker, organizations can break the “trust bias” that makes vishing so successful. This helps companies meet SOC2/ISO compliance for security awareness.

Theme Alignment (AI Agents): The submission is a fully autonomous Voice Agent. It listens, thinks, and speaks using a specific cloned identity. It improvises responses based on the victim’s hesitation and persistently pursues its goal without human intervention.