Red Teaming in practice: Physical Security Testing tutorial
Learn how to hack access control systems and RFID readers and break into organizations with style.
What is Red Teaming?
Red teaming represents a unique approach to assessing an organization’s security posture. In red teaming services, we simulate the actions of real-world attackers – including both physical and cyber-attacks. Red teaming helps answer the question, ‘What are the most crucial actions to secure your company’s resources?’ by testing likely attack routes. Unlike penetration testing, which focuses on identifying as many vulnerabilities as possible, red teaming concentrates on real-world attack scenarios, identifying the weakest points in an organization’s security posture. Our approach to red teaming includes OSINT, physical access attempts, attacks on network infrastructure, Active Directory testing, breaching physical access control systems, social engineering attacks, and phishing campaigns.
About the speaker
Julia Zduńczyk is a Red Teaming expert. She was chosen as the Top Speaker at CONFidence 2023 (Cracow, Poland) and received the title of the Best Speaker at the SEC-T 2023 conference (Stockholm, Sweden). Her main area of interest revolves around access control systems assessments, physical security, RFID hacking, social engineering, and other related topics.
Behind Closed Doors – Hacking RFID Readers
The topic of attacks on access badges is widely discussed, but what options does an adversary have when cloning someone’s card isn’t possible? How else could someone gain entry into high-security areas without direct access to credentials?
In this talk, I will explore techniques for compromising RFID readers to bypass organizational security mechanisms. I will cover:
- ways to intercept communication between the reader and controller using the Wiegand protocol, including a demo of this attack;
- using this entry point to leverage access through different attacks;
- how the OSDP protocol works and its security implications;
- other methods to bypass access control security mechanisms.
I will also share real-world experiences and stories from Red Team engagements, illustrating practical applications of these techniques in real-life scenarios—ideally, without getting caught 😉
How to Break into Organizations with Style: Hacking Access Control Systems
Have you ever wondered how Red Teamers manage to gain access to high-security areas in buildings? This talk is your chance to learn about the tools, tactics, and techniques they use to bypass access control systems.
This presentation is based on experiences and examples collected during Red Team assessments, bringing together the knowledge needed to gain access to areas protected by access cards.
During the talk, I will show you how I was able to break into organizations using simple card cloning techniques. Specifically, I’ll cover:
- the basics of RFID technology and how to use a Proxmark3 for access card scanning and cloning, including a demo of the device in action;
- some of the most effective attacks on access cards and how to execute them;
- the technical and social engineering aspects of access card scanning during a Red Team assessment, with real-life examples;
- and last but not least, how to protect your organization from these types of attacks.
Let’s discover how to break into organizations with style!