Talk

How to Break into Organizations with Style: Hacking Access Control Systems

April 25, 16:00 (CLOUD)

Have you ever wondered how Red Teamers manage to get access to high-security areas in buildings? This talk is your chance to learn about the tools, tactics, and techniques we use to break access control systems.
The presentation is based on the experience and examples collected during the Red Team assessments and gathers in one place the knowledge needed to gain access to places protected by access cards.

During the talk, I’m going to show you how I was able to break into organizations using techniques such as simple card cloning:
We’ll discover the basics of RFID technology and learn how to use Proxmark3 for access card scanning and cloning with the demo of the device operation.
We’ll explore some of the most common misconfigurations in access control systems and learn how to use them for gaining access and escalating privileges.
We’ll also delve into the technical and social engineering aspects of card scanning during a Red Team Assessment with an example of a complete kill chain, which enabled me to gain entry to highly secure areas within a building, starting from a position of zero access.
And last but not least – we’ll talk about how to protect your organization from these types of attacks.

Let’s discover how to break into organizations with style.

Speaker

ins-dummy-speaker

Julia Zduńczyk

Julia performs penetration tests for a wide range of IT Projects as an IT Security Specialist at SecuRing. Her main area of interest revolves around Red Teaming, specifically access control systems assessments, RFID hacking, social engineering, and other related topics. As a Cybersecurity student at the Academy of Science and Technology in Cracow, she had the opportunity to learn a wide range of IT security aspects from the beginning of her academic education. In her free time, she enjoys playing CTFs and researching attacks on access control systems.
She has been selected as the top speaker at CONFidence Conference 2023 (Cracow, Poland) and best speaker at SEC-T 2023 (Stockholm, Sweden).

Organized by

Technology partners

Partner events

Scroll to Top