Breaking Into Buildings Is Way Too Easy (A Hacker's Physical Pentest Toolkit)
Вставка
- Опубліковано 16 вер 2024
- ❓Info❓
___________________________________________
Hire me: tcm-sec.com
Get Trained: academy.tcm-se...
Get Certified: certifications...
Sponsorship Inquiries: info@thecybermentor.com
Products featured in this video
___________________________________________
Night School - Tuxedo Edition Lockpick Set - www.sparrowslo...
Bump Key Set - www.sparrowslo...
DDT - www.sparrowslo...
Under Door Tool - www.sparrowslo...
Door Shims - www.sparrowslo...
Travelers Hooks - www.sparrowslo...
Flex Pass - www.sparrowslo...
Body Camera - amzn.to/3evg4q9
Under the Door Camera - amzn.to/3EsUEog
Compressed Air - amzn.to/33SOqBk
5-in-1 Tool - amzn.to/3z8FrI2
Leatherman Multitool - amzn.to/32Fy52z
Common Key Set - www.ebay.com/i...
Boscloner - www.boscloner....
TrustedSec Physical Docs: github.com/tru...
📱Social Media📱
___________________________________________
Twitter: / thecybermentor
Twitch: / thecybermentor
Instagram: / thecybermentor
LinkedIn: / heathadams
Discord: / discord
💸Donate💸
___________________________________________
Like the channel? Please consider supporting me on Patreon:
/ thecybermentor
Support the stream (one-time): streamlabs.com...
Hacker Books:
Penetration Testing: A Hands-On Introduction to Hacking: amzn.to/31GN7iX
The Hacker Playbook 3: amzn.to/34XkIY2
Hacking: The Art of Exploitation: amzn.to/2VchDyL
The Web Application Hacker's Handbook: amzn.to/30Fj21S
Real-World Bug Hunting: A Field Guide to Web Hacking: amzn.to/2V9srOe
Social Engineering: The Science of Human Hacking: amzn.to/31HAmVx
Linux Basics for Hackers: amzn.to/34WvcXP
Python Crash Course, 2nd Edition: amzn.to/30gINu0
Violent Python: amzn.to/2QoGoJn
Black Hat Python: amzn.to/2V9GpQk
My Build:
lg 32gk850g-b 32" Gaming Monitor:amzn.to/30C0qzV
darkFlash Phantom Black ATX Mid-Tower Case: amzn.to/30d1UW1
EVGA 2080TI: amzn.to/30d2lj7
MSI Z390 MotherBoard: amzn.to/30eu5TL
Intel 9700K: amzn.to/2M7hM2p
G.SKILL 32GB DDR4 RAM: amzn.to/2M638Zb
Razer Nommo Chroma Speakers: amzn.to/30bWjiK
Razer BlackWidow Chroma Keyboard: amzn.to/2V7A0or
CORSAIR Pro RBG Gaming Mouse: amzn.to/30hvg4P
Sennheiser RS 175 RF Wireless Headphones: amzn.to/31MOgpu
My Recording Equipment:
Panasonic G85 4K Camera: amzn.to/2Mk9vsf
Logitech C922x Pro Webcam: amzn.to/2LIRxAp
Aston Origin Microphone: amzn.to/2LFtNNE
Rode VideoMicro: amzn.to/309yLKH
Mackie PROFX8V2 Mixer: amzn.to/31HKOMB
Elgato Cam Link 4K: amzn.to/2QlicYx
Elgate Stream Deck: amzn.to/2OlchA5
*We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites.
Another tool to add to your tool box would be about a 18" piece of simple weed eater string. Super easy to conceal. It becomes your go to tool when you have a door where the striker is covered by something as a metal plate. Normally a shove tool or the painters tool you showed would work if the plate was not there however the plate now makes those tools useless. Simply thread the weed eater string down behind the plate, rock it back and forth while pulling gently and you will defeat the lock and open the door.
What if someone recognizes you during a physical pentest, like "Oh you are the cybermentor, I am a huge fan of yours, you are pentesting here?" 😅
rt lol
"I'm sorry, have we met?"
Just wait a few years. A gray hair or bearded white man is invisible. Put safety orange on him, truly invisible. No one looks service people in the eye.
Obligatory comment for making UA-cam promote this legend!
This is like my dream career, breaking into buildings legally. I am in love
Right?
Nice video TCM. I recently did my first physical pentest, it was a fun one 😁
would love to hear the experience via a video on your channel :)
Same
Great video! I did about 7 physical pentests this year and some of these tools would have been super handy. It’s always tough to know what your gonna run into. Social engineering and being confident about who I was pretending to be helped in being successful on most of them.
Appreciate all that you do for the community, you’re a rockstar
yea... rfid badges, silent alarms. I doubt they did pen testing in the 80's and early 90's but If they did it would have been a walk in the park.
It's worth noting that a roll of 35mm film can be used as an "over-the-door (top)" tool if you do not have an "under the door" tool. Naturally, it depends on the door. Also, it's probably a good idea to ensure you check the latch assembly to ensure that you can exit without the door locking one way (think roof access).
I think this method is old. I have tested many doors in office buildings in my city and NONE of the handles will open in an upward action, UDT is viable but film isnt.
Yeah.. that was seriously 🔥🔥🔥🔥
Thank you, Heath! I always appreciate your realistic and practical videos. I agree when you say that most other youtubers end up trying to sell us Hack5 gear, and most aren't going to be used. Your videos are truly a breath of fresh air.
Hi Heath. Great video and very useful. I just completed your course on ethical hacking on Udemy. Just wanted to say a huge thank you! I have learned a ton already based on your course and this helps as well. I begin my security journey professionally in February 😁
Awesome video TCM. I want to get a lock pick practice set so I can start learning how to lockpick.
I used the air can trick on a door in my office. Very easy and very effective!
Have you ever considered using a device like a pwn phone on a pentest? In my experience its almost undetectable which is useful in the field and while it will never take over the role of a laptop for exfiltration and post-exploitation purposes it does in my eyes fit the best for infiltration. Plus you feel straight outta Watch Dogs!
This is super cool to see. I am curious what Hak5 gear you'd use as well
The crossover from pen testing to physical pen testing will never cease to seem odd to me. I feel like certain LE/MIL backgrounds lend themselves better to the pursuit of physical pen testing personally but I dont think that shout deter people from looking to get into it as a line of work. I will say it seems theres alot of unnecessary gatekeeping in physical pen testing as well, often hiding behind alot of mostly useless pay to play certifications for what could otherwise be a trade.
Hey TCM, been following you since very long when i fell into the ocean of info sec. Just wanted to request you to please make a video on the OSCP 2022 CHANGES !!!
Great video. Just surprised you didn’t mention a Proxmark3 or something similar for badge access and sort lol
Now, Mr Robot is looking more realistic :P
I wish I can get a raspberry pi nowadays for $30-40 😂
how do I get into the field? where does a more than average person start and I'm serious about it. thanks for your time been watching for a while now. happy new year
Cool video. Not sure I agree about the plastic lovk though. :-)
With bump leys you dont really need a hamer just line up ram while twisting bango
I see you Heath growing that beard to be unnoticeable during that physical engagement ;)
I have a bar that goes underneath the doors of emergency exits and pushes the handles. Literally gives me access to 99 percent of buildings in Australia.
Whats it called
So awesome!
My lockpick set is similar, but looks much more like a sawzall
Great video
Great video with a lot of interesting tools.
I like your new look.
Hey man, when you can please make another video on how to use lan turtle, rubber duck etc
Looked at the badge cloner, saw $3,000 whelp...next lmfao. DIY I guess it is though I'm sure it'll pay for itself in one good gig.
You didn’t even wear a Guy Fawkes mask so, was it even real?
Love this 🤣
Hey TCM , i want persue masters in cyber security in US , can you suggest any uni for me
👍🏽
TCM❤️❤️❤️
How much you take for one advertisement on your channel, i want to do a advertisement on your channel
This voice ❤❤
🔥🔥🔥🔥
TCM
Commented
🕵️👷👩🔧
diet coke plus \o/
You look burnt out mate.
🧐
2nd view bros