Have you ever wondered how Red Teamers manage to get access to high-security areas in buildings? This talk is your chance to learn about the tools, tactics, and techniques we use to break access control systems.
The presentation is based on the experience and examples collected during the Red Team assessments and gathers in one place the knowledge needed to gain access to places protected by access cards.
During the talk, I’m going to show you how I was able to break into organizations using techniques such as simple card cloning:
We’ll discover the basics of RFID technology and learn how to use Proxmark3 for access card scanning and cloning with the demo of the device operation.
We’ll explore some of the most common misconfigurations in access control systems and learn how to use them for gaining access and escalating privileges.
We’ll also delve into the technical and social engineering aspects of card scanning during a Red Team Assessment with an example of a complete kill chain, which enabled me to gain entry to highly secure areas within a building, starting from a position of zero access.
And last but not least – we’ll talk about how to protect your organization from these types of attacks.
Let’s discover how to break into organizations with style.