The Attack: In our presentations on “Covert Entry“, we discuss bypassing locked doors equipped with REX (request-to-exit) sensors as it’s one of the go-to vulnerabilities that we exploit during assessments. The vulnerability is very common, and the attack is quick. When we share this information, there are those who think it’s just a “trick” and … More Open a Locked Door With Canned Air or Hand Warmer – Covert Entry Techniques
I wanted to share the gear that has become my EDC (Every Day Carry) setup. I carry these custom-built tools with me on covert entry assessments, as well as most trips. I like to be prepared for the “what if” scenarios. Let’s start from left to right with the image above. Hand Cop Up first, … More Covert Entry Specialist – EDC
Join Tim and Brent as they discuss stories of their early exploits with old-school hacking, phone phreaking, 90’s hacker culture, \as well as what motivated them to pursue careers in Information Security.
When traveling for these types of assessments, we always consider the location of a client’s facilities. Often, we’re fortunate enough that these locations are adjacent to a hotel, café, food court, or a shared facility in general. How does this help, other than the convenience of a nap or food in between efforts? To a malicious actor, one can use this to conduct passive reconnaissance to gather useful information which is anything from the target facility’s dress code, ingress/egress points, security camera placement, style of… … More War Story: “Can I see that?”
Thanks to the crew at Security Weekly for having me on their show! This was a fun conversation around physical security, covert entry, EDC (every day carry) tools and concealed covert entry tools and escape devices. Here’s a link and description of the podcast from their website:https://securityweekly.com/shows/covert-edc-physical-pen-tests-brent-white-psw-726/ Discussing every-day-carry items that are utilized during covert … More Podcast – Security Weekly
The Adams Rite style mortised dead latch is susceptible to a simple bypass by reaching inside of the lock, pulling the correct bold, and it will unlock. There are tools that you can purchase such as the “long shot” tool from Sparrows. These tools work great, and I have no issues with them. However, my … More Adams-Rite Deadlatch Bypass Custom Tool
Assessment Type: Covert Physical Security Assessment (Onsite)Target Type: Corporate Financial Institute Assessment Background When performing red team engagements that include physical and onsite social engineering components, our ability to piggyback/tailgate into target buildings and sensitive areas has an extremely high success rate. Walking in a confident manner and going through the motions of “badging in,” is simple … More War Story: The Key
Assessment Type: Red Team (Onsite)Target Type: Corporate Healthcare Institute Assessment Background With a loose-fitting patterned tie, white button-up shirt, some gray slacks, and a fake badge draped around my neck (that I had made up and printed at the hotel earlier that morning during breakfast), I was dropped off at the target facility by a fellow consultant. … More War Story: Piggyback BBQ
“This device allows you to practice lock picking as though you’re having to reach through security bars, and the lock is not in clear view.“ When we first learn to pick locks, we often hold the padlock comfortable in our hands, placing it in the perfect position. This helps us to learn the basic, and … More Tactical Reversed Lock Picking Practice Stand
We have several war stories like this and often share them as case studies during the presentations and training that Brent and I conduct. I am kicking off a series of regular War Stories that will be shared here! By sharing these stories, I hope to provide some legitimate examples of how we have been … More War Story: Keyloggers and Coffee
When teaching how to attack access control systems such as proximity card readers, it’s much easier to have a solution that allows me to demonstrate, as well as provides students the ability to practice these attacks in the classroom.Access control systems vary from location to location, and getting approval from the facility’s owner to attack … More Portable RFID Access Control Lab
During Covert Entry assessments, the last thing that you want to do is to be noticed. Fumbling around in a bag trying to find the bypass tool that’s needed will certainly draw attention. If you have seen my other posts or videos, you will see that I focus on creating tools for Covert Entry that … More Covert Entry Multi-tool Build
The “BosCloner” is an extremely handy, on-the-fly, RFID badge cloning tool. Since I’ve had the privilege of using this tool on a few covert entry engagements, I find myself telling people about it in all RFID-related conversations–and we have quite a few. The product video on the website is pretty accurate in that you can … More BosCloner – Review and Tips
Tim Roberts and I had a great discussion with Patrick from the social engineering-focused Layer 8 Conference. Not long ago, I made a post on Twitter asking which topics, tools, techniques others might like to have me write a blog post about. There were some great responses, such as “what do you do when you’re … More Layer 8 Social Engineering Conference – Podcast
Who’s Your Hacker interviewed Tim and I regarding social engineering, penetration testing, red teaming, surveillance, and much more. There were great questions, and some great insight to what we do. 🙂 Thanks for having us on!
Thanks to Low Voltage Nation for inviting me to be on another fun podcast!This one was in my office, where I focused on a handful of tools utilized for covert entry, wireless surveillance, social engineering, and a few more. You’ll hear me refer to other videos that demonstrate that particular tool being used. To … More Podcast – Covert Entry Closet
Thanks to Kilo23 Group for the interview with Tim and I! We covered quite a bit during this regarding covert entry tools, social engineering techniques, COVID-19 effects of the job, Tiger King, and much more.
Thanks to Blake and Low Voltage Nation for hosting Tim and I for a fireside chat. We discussed some of the nitty-gritty of what it means to be a security consultant, breaking into buildings, time and self management, and much more. There’s also an exclusive peak into what has been dubbed my “serial killer” closet. … More Podcast – Low Voltage Nation
Opening a locked door with just a piece of plastic is just as bad and simple as it sounds. If a lock is not equipped with, or has a deadlatch button that’s improperly configure, it’s very easy and quick to slip the latch and let yourself in. In the following videos, you’ll see where I … More Open a locked door with a piece of plastic
It’s no secret that the security of your hotel room isn’t great, and gaining access to a room is nearly child’s play for criminals. It is also estimated that around 60-70% of hotel thefts are from hotel employees. There are numerous entry tools available to the public that can quickly bypass the physical security controls, … More Increasing Your Hotel Room Security