OSINTion Podcast with Joe Gray

On March 07, 2023, we enjoyed conversation with friend and OSINT specialist Joe Gray on his “OSINTion” podcast. Discussions were based around intelligence report writing, rules-of-engagement when dealing with personal devices and individuals, certifications, and of course, social engineering techniques and topics. We appreciated being on the show and hope that you enjoy watching and … More OSINTion Podcast with Joe Gray

War Story: “Can I see that?”

When traveling for these types of assessments, we always consider the location of a client’s facilities. Often, we’re fortunate enough that these locations are adjacent to a hotel, café, food court, or a shared facility in general. How does this help, other than the convenience of a nap or food in between efforts? To a malicious actor, one can use this to conduct passive reconnaissance to gather useful information which is anything from the target facility’s dress code, ingress/egress points, security camera placement, style of… … More War Story: “Can I see that?”

Open a Locked Door With Canned Air or Hand Warmer – Covert Entry Techniques

The Attack: In our presentations on “Covert Entry“, we discuss bypassing locked doors equipped with REX (request-to-exit) sensors as it’s one of the go-to vulnerabilities that we exploit during assessments. The vulnerability is very common, and the attack is quick. When we share this information, there are those who think it’s just a “trick” and … More Open a Locked Door With Canned Air or Hand Warmer – Covert Entry Techniques

Layer 8 Social Engineering Conference – Podcast

Tim Roberts and I had a great discussion with Patrick from the social engineering-focused Layer 8 Conference. Not long ago, I made a post on Twitter asking which topics, tools, techniques others might like to have me write a blog post about. There were some great responses, such as “what do you do when you’re … More Layer 8 Social Engineering Conference – Podcast

Improved Canned Air Attacks Against REX Sensors

Bypassing Request-to-Exit (REX) sensors with canned air and other mediums isn’t a new attack, and is widely used as a covert method of entry. However, there are times where this attack could be possible, but certain elements such as a small physical gap that the straw can’t fit through, REX sensor being farther away, etc., … More Improved Canned Air Attacks Against REX Sensors