It’s no secret that the security of your hotel room isn’t great, and gaining access to a room is nearly child’s play for criminals. It is also estimated that around 60-70% of hotel thefts are from hotel employees. There are numerous entry tools available to the public that can quickly bypass the physical security controls, … More Increasing Your Hotel Room Security
A popular method for securing small concealable lock pick sets is to insert them into the spring from a retractable ball-point pen. A safety pin is then added to secure the set in place. Although this is a great method, I have had a few issues with it: The picks fall out if there is … More Lock Pick Concealment (EDC) Wallet
As a physical security professional, I frequently travel with items such as lock picks, and other bypass tools when they are needed for assessments. I have had many people ask me after conference presentations, local Nashville security meetups, etc. about the very vague Tennessee state law regarding the possession of lock picks, which makes it … More Lock Picking Laws in Tennessee
Are the employee’s at your target location paying attention?
Only the most daring physical pentesters are comfortable wearing such a bold shirt to really put a company’s incident response and security awareness training to the test. … More Physical Intrusion T-Shirt
Bypassing Request-to-Exit (REX) sensors with canned air and other mediums isn’t a new attack, and is widely used as a covert method of entry. However, there are times where this attack could be possible, but certain elements such as a small physical gap that the straw can’t fit through, REX sensor being farther away, etc., … More Improved Canned Air Attacks Against REX Sensors
Thanks to Latest Hacking News for interviewing Tim and I on the subject of physical security. Check out the interview: Latest Hacking News Podcast #245: Brent White and Tim Roberts, NTT Security
Something that bothers me, and I often comment about during my presentations is the media’s portrayal of a “hacker”. Hackers are shown as someone wearing gloves and a ski mask on a computer. I know that this is for effect to show criminal activity, but the issue here is that these sort of ideas stick … More Spotting the Social Engineer
Thanks for those who reached out afterwards, asking more information about project management and other items we discussed at our Wellness Village talk at DerbyCon this year! Also, HUGE thanks to Amanda Berlin for letting us speak, and for creating the Wellness Village. Hopefully it will become a regular part of the conference. After a … More DerbyCon 8 – Wellness Village Talk
If you’re not familiar with the Under-the-Door (UtDT), it’s a device that fits between the physical gap at the bottom of doors, is then rotated upwards, grasps the lever-style door handle, pulls down and opens the door from the inside. It’s very easy to use, and is publicly available for purchase. Lever Handle: Under-the-Door tool: … More Protecting from the Under-the-Door Tool
Just for fun, I decided to make a few crash bar (J tool) bypass tools to hand out at DEF CON 26. They are made with weldable wire, and some heat shrink for the grip, and to help prevent scratching. Also, for the sake of size, I decided to create a very small hook that … More Crash Bar Bypass Tools for DEF CON 26
Found some awesome write-ups from Alex Dib regarding building your own RFID cloner and a useful Proxmark3 cheat sheet, and wanted to share! Proxmark3 Cheat Sheet Great cheat sheet for those using the Proxmark3 software. https://scund00r.com/all/rfid/2018/06/05/proxmark-cheatsheet.html RFID Thief v2.0 Very detailed write-up for building your own long-range RFID cloner. https://scund00r.com/all/rfid/tutorial/2018/07/12/rfid-theif-v2.html
Here are some presentations that I made for “Who’s Slide Is It Anyway”, “Slideshow Karaoke”, “Slideshow Roulette”, or whatever else you want to call it. They are pretty random, and a fun play on popular topics and buzzwords within the #InfoSec community. They are meant to be fun and technically inaccurate on purpose, and in … More Who’s Slide Is It Anyway
While working on a two-week long engagement with a client, we had built enough rapport to joke openly, and be ourselves (which is a scary thought). Through this, I had started teasing him about his departments “security awareness” posters. These things were so cheesy. So, at the end of the two weeks, as we were … More Vintage Security Awareness Posters
Make an Incomplete Nmap Scan .xml File Usable for Rawr and Other Applications That Accept .csv File-types This is a very non-technical how-to for newcomers who have found themselves in a situation where for some reason or another, their Nmap scan wasn’t able to complete. This can be a problem when you were planning on feeding … More Make an Incomplete Nmap .xml File Usable Again
Recently, I performed a physical assessment against a large hospital. There are several gaps that were discovered, but I will not cover those in this post. With the high level of traffic in an environment like a hospital with many employee types, patients, vendors, volunteers, etc., it’s common for many people to be in/out of … More Physical Assessments Against Hospitals
Resource to flash the Proxmark3 from the standard HF mode, to LF mode: https://legacysecuritygroup.com/index.php/projects/categories/9-rfid/7-proxmark-3-emulating-hid-tags-in-standalone-mode WINDOWS Download the github proxmark3 standalone LF emulator Master by Corey Harding —https://github.com/exploitagency/github-proxmark3-standalone-lf-emulator Run Easy Flash Utility for Windows .bat This tool is handy for reflashing your Proxmark3 for whatever you need it for Reference: https://www.youtube.com/watch?v=06DgTuJcMQ8 Plug in your Proxmark3 and … More Proxmark3 Resources
Here, we are going to document useful tools we utilize during the Open-Source Intellignce (OSINT) phase of our assessments. Feel free to send suggestions of tools/websites that you like to use as well. https://start.me/p/ELXoK8/bellingcat-osint-landscape A wealth of links broken down into different categories. Highly recommended! http://osintframework.com/ Excellent starting point! A well-maintained repository of well-known OSINT … More OSINT Resources
I had a great time speaking at the InfoSec Nashville event! This was my first time attending, and it’s certainly a well-ran conference. It was awesome of them to give my wife and daughter a badge as well, so that they could attend. I presented “Security Guards — LOL!”, and received some very positive feedback. … More InfoSec Nashville
A small toolkit for the field when performing onsite social engineering assessments. … More Red Team Field Kit – Lite
A HUGE thank you to the team from Microsoft’s show “Roadtrip Nation” for meeting with us at Def Con 23 for the chance to speak on the topic of hacking and what it takes to get into the career field. We had a blast with the crew and it was great to discuss the fact … More Microsoft’s “Roadtrip Nation” Interview
