You’re improving an industry obsessed with kit and the mystique of cloak and dagger. A dose of reality does a lot for everyone willing to hear it and let it shape their perspective. Thank you Dev.
@DeviantOllam2 жыл бұрын
Happy to do my part 👍
@trioptimum90272 жыл бұрын
In my (non-corporate) opinion, borrowing your tools is actually *more* impressive for this kind of demo. "Oh, okay, the Sneakers guy has some kind of tool that will open our access-control box" is not really that big a shocker for an executive. The fact that it's a tool you can get anywhere is not very visible /when it came out of your toolkit./ "The Sneakers guy borrowed a screwdriver from our janitor/IT dude and opened all our shit" is really more of a shock. It's kind of the inverse of the "common keys" situation, really: executives probably know, if they think about it for a second, that tools exist *somewhere* and that it is possible for someone with particular skills to pick or decode locks. The fact that you can glance at the box and already have the right key is more of a shock, as is the fact that the building maintenance guy has had de facto access to the server room all along.
@MichaelTilton2 жыл бұрын
Asking for tools also has a benefit of looking "less scary". It is the "I'm with xyz to fix your copier" type attack. It seems "safe".
@phyphor2 жыл бұрын
I love a dude who is secure in their knowledge, skillset, and professionalism, that they are happy to share because they'd rather upskill a community to benefit everyone than hoard what they've got in their brain to benefit only themselves. Nice work, as always!
@DeviantOllam2 жыл бұрын
Thank you! 😁👍
@bowlsallbroken2 жыл бұрын
This was a helpful reminder to occasionally ask yourself, "am I presenting in a way that's appropriate to this social situation?" or more bluntly "am I being a fucking weirdo?", something us geardos need to keep in mind can sometimes be more important than "am I maximally prepared for every contingency right now?"
@keithduthie2 жыл бұрын
For many of us, "am I being a fucking weirdo" is a foregone conclusion. More importantly "do I _look_ like a fucking weirdo, and if so how do I hide it better?"
@frogz2 жыл бұрын
@@keithduthie this, exactly this and then i shrug and continue on being a weirdo because i am good at what i do and people pay me to do it
@bowlsallbroken2 жыл бұрын
@@frogz If people are paying you that's a good indication that you're properly calibrated.
@MorningDusk77342 жыл бұрын
Those big stationary leather folders are at literally every college, emblazed with their logo. Go to your current or former school's store, pick one up, and keep it for regular use in a bag until the logo wears off. You come in with a shiny new leather case, that looks suspicious (if they're looking for it). You bring a worn leather paper keeper? That's just for taking notes and keeping your stuff organized, of course.
@fruitshuit2 жыл бұрын
One other thought about the kit looking professional, I guess it hammers home that point that thieves aren't wearing domino masks and striped sweaters, the guy you need to worry about is probably carrying a black attache case and a plain accessory pouch!
@carpespasm2 жыл бұрын
Or just as likely, has a guest badge, an internal point of contact they've worked up, and is asking which way the IDF room is with a clipboard in hand.
@wobblysauce2 жыл бұрын
Plain sight.
@A2ne Жыл бұрын
@@carpespasm or the friendly looking elevator technician
@springbloom5940 Жыл бұрын
I always use improvised tools, to disabuse people of their perceptions of security. Wafer locks with a paperclip is always a crowd pleaser.
@KylejvT2 жыл бұрын
When we do inspections I tend to carry a small roll of high vis tape. If I come across a issue I can place a small square down with a number written on it then mark that number down on the checklist. It helps later when they send somebody to look into the problems to locate the exact issue because most of the time the issues were things they couldn't see themselves.
@3nertia Жыл бұрын
Top tier advice; thank you!
@x9x9x9x9x92 жыл бұрын
The fact the man is telling you "do not buy these tools from us" in this video just shows you the type of guy Dev is. Been watching him for years ever since I feel down the lockpicking rabbithole thanks to bosnianbill like 10 years ago and then getting one of his talk videos in my side bar like 8 years ago and I got a grasp as to the type of guy he was but this just solidifies it. The guy is genuine and just wants to help and isn't in this for greedy reasons.
@carolinafrog43652 жыл бұрын
not only a light in the dark, but a lighthouse to guide and improve the community, Thank you Dev!!!
@DeviantOllam2 жыл бұрын
My pleasure!
@Veptis2 жыл бұрын
The 'you want to try it' approach seems to be the most honest approach I would like to see with more interactions. I am teaching a coding class at university and often I tell people to not just 'try it' and instead ask them predict what will happen. It's the opposite of 'hands on' but more 'heads on' I suppose.
@tiggalong2272 жыл бұрын
So an odd thing I found working in utilities was that graph paper was better for explaining stuff with drawings than ordinary lined paper as it made it easier to scale and position thing relative to each other and is still easy to write neatly on.
@trioptimum90272 жыл бұрын
Plus you look like a REEL ENJINEER when you do it, even if you're just handing over a list of, dunno, possible services or something.
@rveader2 жыл бұрын
If you must be fancy, you can also go for dot grid.
@pflasterstrips7254 Жыл бұрын
graph paper is also nice as cheap evidence ruler, you have a grid and could adujust for any distortions of your lens to get a to scale image of things
@H3110NU2 жыл бұрын
This has only ever been a hobby in my life. If I ever have to change my profession and leave the acronym factory, security consulting is definitely on the short list of industries I’d pivot towards.
@xemon21652 жыл бұрын
Your "sleek looking" mindset is what I have come to myself ... With exec you don't want to look too out of place or they don't listen to you ... I feel like the lishy are a bit extreme, and I took the tubing out of my set. But the evidence ruler is a great idea, I'll need to add it mo my bag 👍 For storage, I love hdd case, they are hard sided, usually have a strap on one side and a mesh on the other. Thanks for sharing with us, X
@RubberBanned2 жыл бұрын
Having quick shows for PoC is one of the best ways to display potential impact. Getting managers to move dollars into the avenue of improvement almost always need physical proof. Good stuff.
@tissuepaper99622 жыл бұрын
Your parody of the Big Rock Candy Mountain that is "EDC" was hilarious, especially "have you tried blue apron?".
@MysticWanderer2 жыл бұрын
In a retail environment I have seen people come in with precut pieces of aluminum foil for wrapping small items so they don’t set off the sensor at the door. But I have also seen then just pick up a roll off the shelf and tear off whatever they need to accomplish the goal. The point is sometimes you know what you will find on-site.
@jsax01001010 Жыл бұрын
The worst part of trying to secure product in a hardware store is that all the tools you'd ever need to bypass security devices or break product out of locked cages are just sitting on the shelf. There is a rack of bolt cutters in view of the padlocked cages that hold the expensive battery power tools. There is an product you can grab off the shelf that will deactivate the security devices they use on the product. The real protection isn't all that physical stuff. It's the hundreds of hd cameras watching the entire store, and the fact that if you have any sort of criminal history, the police will easily identify you and come knocking at your door.
@jsax01001010 Жыл бұрын
All that aside, what would scare me the most if I were trying to rob a store is that, while you can get a pretty good idea of what each retailer trains their employees to do during a theft, you never know how random customers might respond. Once, after two thieves ran out the door with cart loads of product, a customer that witnessed it pulled out a gun, chased them down, and held them at gun point till the police arrived. I've also seen a thief have the misfortune of trying to run out right as a pair of off duty cops were walking in to do some shopping. That thief hit the ground hard.
@MysticWanderer Жыл бұрын
@@jsax01001010 Your replies show that you are thankfully in the larger group of people not really trying to learn how to steal effectively. You have noted some obvious things but are not aware of the errors. It is good that most people are in this same camp with you and I'll explain why. First: locks keep honest people honest. ie those that don't know fully how to bypass them or feel that somehow doing so makes it more wrong. Second: those that can be easily deterred allow those that need to catch the thieves to focus on those that are more determined. Also as an aside, NEVER be that person that chases down a retail thief with a gun or you might find yourself taking the trip with them to jail. A lot of legal ramifications in doing what seems obvious to some but is actually a very sticky legal situation. Ignore this advise at serious chance of peril for multiple reasons that this post is already too long to explain all of.
@FrankStajanoExplains2 жыл бұрын
This is really a top class video Dev---my hat off to you and thanks. Your competence and ability as a penetration tester is unmatched but this is about the rather orthogonal skill set of making the lightbulb go on in the head of the non-technical CEO. Not many people have both skills. Those who do are unbeatable. You have just shown you are a master at both. Brilliant stuff.
@DeviantOllam2 жыл бұрын
That's so very kind of you to say,... thank you!
@FrankStajanoExplains2 жыл бұрын
@@DeviantOllam Well deserved! I wish I had an associate with your talents at Cambridge Cyber.
@thek33172 жыл бұрын
24:00 Jackhammer and Angle Grinder, after making my way from the reception to the backroom while making my own doors I never got invited back
@Christian-cz9bu2 жыл бұрын
I did guess the under-door tool was what missing. Interestingly, I had got one of those in an multi-tool entry kit when I was working at a auto-repair, ('93ish) where we were regularly locking 15+ cars a night. Inevitably keys would get locked in, and that was my go-to for GM cars without window frames, easy reach-in and pull the slider lock. Didn't know till your vid with LPL what they were designed for.
@DeviantOllam2 жыл бұрын
Yeah a number of auto kits have long tools like that, sometimes useful for grabbing interior door handles through a small crack
@artemmuchnik19562 жыл бұрын
@@DeviantOllam when I was young my go to for getting through doors was funny similar to that. Tie floss to a sheet of paper and thread it through the top of the door frame catch underneath and tie on a cable with a loop and put it over the door handle using a mirror and boom.
@1121494 Жыл бұрын
Wait, DO has a collab video with LPL? How did I miss it? Link?
@Matlock69 Жыл бұрын
The “Blue Apron” not ad was amazing!!
@canoepick11402 жыл бұрын
That kit is clean! I carry a backpack most places without a second look so I got a bit more but you’ve inspired me to cut it even further!
@yoursafeplace84762 жыл бұрын
The biggest takeaway I can tell you about this video is while I'm a beginner novice locksmith. I worked in or around corporate too much for my own liking. *Appearance. Always. Matters.* like he said carrying that molly kit will have you look like a jerk, especially if you're a civilian who never served in the military. You can find sleek and good looking bags that are black or leather and look professional/executive style, just go with those, get yourself even a cheap suit though I can recommend you skip the suit jacket and just go with pants, shirt, and vest. if you're going to be moving around a lot. Don't use curses like commas, appear professional, and maintain that even if it's a fake character you made up to play as a role for the executives it'll get you further than just showing up as johnny jerkoff the metalhead lock destroyer. If you want to do cool stuff like casting a key, gauge the audience you're working with, maybe the CEO would want to see you do that on the last day of your walk through or something as a bit of theatre but it shouldn't be standard carry stuff.
@JakHart2 жыл бұрын
You are absolutely right, there definitely needs to be more videos like this across-the-board. It makes me think about the knife bag I usually bring into work, I'm a cook. I've got it down to a small selection of tools that work well in almost every kitchen I've brought it to. I've seen guys that bring in huge knife rolls, with a ton of specialized tools, to only ever use one knife from it.
@curtishoffmann69562 жыл бұрын
Me: "I'm red team! I'm red team!" Coworker: "Dude, you clean toilets 8 hours a day." Me: "Yes, but I have an evidence ruler, too!"
@chasler17412 жыл бұрын
I have a solid argument against not having magnification. Small magnifier with moderate power is a god send with people who need reading glasses. You can score a lot of brownie points with them by making it seem totally normal to use a magnifier to see the smaller stuff.
@KateGrayCode Жыл бұрын
Just did a demo to suits at the building we are in, showing what’s wrong and how to fix it. Only needed two things in terms of tools: traveler hook and j-tool. The rest was demoing remediation and how access control works when done right.
@derekbroestler76872 жыл бұрын
AWESOME video.... I had to learn this the hard way when I first started doing consult jobs as a locksmith. You HAVE to know your audience. They're probably brilliant at what they do, but they don't know enough about THIS to even appreciate the high speed stuff. Keep it simple... It doesn't matter if its a residential, commercial, industrial job, you're NOT looking to show off YOUR skills. Zip raking their Kwikset residential lock in 3 seconds won't impress a homeowner because according to movies that's how long ALL locks take to pick for a very skilled person.... BUT if you can show them something that EVEN THEY can do, you make that sale... This goes double for business owners and corporate folks. Like I mentioned in one of the Q&A videos, one of my favorite stories is the time I got a job (and sold a LOAD of latch protectors) because I slipped their latch with the earpiece of my glasses during the walk through. I sold them a lot of other hardware as well, but the minute I saw them respond to THAT I knew the job was mine and that gave me a bit more wiggle room in my other recommendations. This kiss of death on a consult is "Well, but you're a professional, the average person can't do that" (You CAN recover from that, but it's gonna be a LOT harder) Inversely, if they call someone else (be it another manager in a business setting, or, their partner, spouse, roommate, etc in a residential setting) the job is pretty much yours.
@risingSisyphus2 жыл бұрын
Fucking love the snarky dig on the blue apron sponsorshup lol
@IanBPPK2 жыл бұрын
Love your insights! You mentioned a time ago about maybe rehashing Packing the Friendly Skies with new laws and experiences and was curious if that was still in the works.
@DeviantOllam2 жыл бұрын
It's not a bad idea, honestly. I'll add it to the list. =)
@IanBPPK2 жыл бұрын
@@DeviantOllam many thanks. I remember sending you links to TSA's semi-official "what's allowed on board" KB for a couple of items back when you initially floated the idea. Iirc unloaded flare pistols are no longer friendly :(
@Aragorn4502 жыл бұрын
@@DeviantOllam lol, not that you have much else going on, right? 😉
@ivveG Жыл бұрын
Ollam is the man, he shares his knowledge with generosity and clarity. Thank you!
@JakeCraner2 жыл бұрын
Awesome content as always. This is nearly 1:1 with a kit I just put together. Can you put together a magnetic pole/magnet set on redteamtools along with a "how-to" video? I want to add this to my kit. Another idea - I added a flipper zero to replace low level proxmark/hackrf attacks. Would love to see what Babak could come up with regarding the flipper zero.
@DeviantOllam2 жыл бұрын
Babak has one! We were one of the early backers. It's a cool device
@hhhsp951Ай бұрын
Even the mundane parts of your job sound fulfillingly fun.
@andrews43212 жыл бұрын
I love the idea of a discrete kit full of tools that can be acquired easily and used with minimal instruction to prove how unsecure something or somewhere is. Even better when you can do it without leaving a trace.
@nigozeroichi25012 жыл бұрын
I wish I could've discovered your line of work years ago, watching your videos I find this stuff fascinating, I dabble in lock sport because I like puzzles, and what better puzzle than things that are designed to keep you out.👍
@TheSlugslinger2 жыл бұрын
we had one security Consultant at the place i work in sweden and he did 60% of the work with a USB stick with videos of the most common faults company's make from his pov, and then when he walked past doors, windows and locks later in the day he would point them out and the once in charge could now see the problem for themselves and it was way easier to convince them to fix it since in the past their mentality was "noting bad has happened so for so nothing will in the future so why worry".
@spyderf162 жыл бұрын
Thankfully that mentality is starting to change with insurance companies getting pretty tight fisted when it comes to tying new policies or payouts to passing audits. I'm more on the IT side of the world and it went from being easy to get a cyber insurance policy that practically always paid out claims when an incident happened to insurance companies either outright refusing to start a policy or denying payouts if you didn't demonstrate that you met their standards, especially if that was an entry point for the attacker. I've seen plenty of clients that were absolute misers on security change their tune real fast when the insurance company demands they up their standards to get coverage.
@Softbauch2 жыл бұрын
Always love your content, especially the relaxed pase of your videos. The time will come when I get drawn!
@bastelwastel85512 жыл бұрын
I think those advices of what you don't need and the why is very true not only for your profession. Keeping things low key, professinal and on point is always a good tip
@philthejet2 жыл бұрын
Great content, what you actually do need is little stickers left behind after a job with "Dev was here" written on them. I will gladly make them for you. 🤣
@liam73422 жыл бұрын
I work in a hospital in the UK and the day I walked in I realised that they have spent a lot of money buying electric code lock for most storage rooms. But that the strike plates are all wrong so you can shim any of the dead latch locks and some of the rooms have things like horribly expensive portable medical kit.
@LockPickNic2 жыл бұрын
I would love to do strictly physical security consulting. I did a tiny bit when I was a mobile locksmith, but I'm institutionalized now.
@BobWidlefish2 жыл бұрын
They sent you to prison for “security consulting”?
@jordangabrielle92612 жыл бұрын
I'd love to as well but I don't know where to start even
@thisaccountisntreal1072 жыл бұрын
@@BobWidlefish pen test from the way out !
@DeviantOllam2 жыл бұрын
That's like you're quoting Shawshank
@camronbay12 жыл бұрын
I like a minimalist approach on the gear I carry in a urban environment plastic shim,picks,shove tool,variation pry bars that can fit in a pocket,flashlight.
@DanTheRVMan2 жыл бұрын
Dude you mentioned that you give talks at West point as like a side note. That's freaking awesome!!!!
@BurningMonkey2 жыл бұрын
I love this video The idea of stuff that you really don't need is something that should be address more often
@k80theshade2 жыл бұрын
I think this is my favorite video of yours not on a stage. And I mean in ever. Good show!
@N0B0DY_SP3C14L2 жыл бұрын
As usual, solid advice on so many levels. Most importantly, solid advice about headspace, and creating convenience just follows naturally.
@jbwwins2 жыл бұрын
“If you can do more with less it looks better” good advice across the board
@bryantsmyth65102 жыл бұрын
One ofy very favorite possetoins is a six inch 32nds and mm ruler with metric and imperial conversions to decimals on the back, down to 64ths
@Gracelyn637 Жыл бұрын
Thank you so much for all the no nonsense info and for making it understandable, So many people make things way harder than they need to be so I can’t express enough gratitude to you and all the tidbits you share,sometimes it’s the most boring mundane things I use the most
@MichaelMaynard2 жыл бұрын
That was a really great, no nonsense video. Thanks for the work and thought that went into that.
@DonzLockz2 жыл бұрын
Hey Michael, long time no see. Hope you are well, good to see you are still around into security. Take care. :)
@krew11uvtoo238 ай бұрын
Love this. I like to go minimalist. I don't even want a bag. On my keychain I have to bumps, shims, etc. I also have covert items like an NFC reader/writer hidden in a FOB, a pen that's a video recorder for later review like missed cameras or even a pin or password typed as I walk or stand by. A rooted phone with pen apps and Kali. A baseball cap with hidden compartments for other items. I never understood the whole backpack thing.
@LK-dz6pb Жыл бұрын
@DeviantOllam, regarding the underdoor tool made portable - 15:40, just thinking out loud - wouldn't a design similar to a tent's pole, or a telescopic tube (like a portable blackboard pointer or old-school FM radio antenna) with jointed connection between parts? This way, a long enough flexible pole could be easily flattened to a about a size of your organizer, or at least regular handbags...
@lelanddyke8386 Жыл бұрын
I don't even care about pen testing, this guy is just real as fuck
@Fightosaurus2 жыл бұрын
Just giving the wisdom away for free. You are the MAN, sir.
@RocRizzo2 жыл бұрын
You really need your brain. Les Ismore is a longtime friend. He’s very handy, and uses very little, whatever the job. Thanks for the tips. They are, as always, quite useful.
@RickEmc22 жыл бұрын
Thanks for all these golden tid bits Mr Ollam
@DonzLockz2 жыл бұрын
Great to see what you use. I was in Electronic Security and no one used methods against reed switches in all the years i was working. The high security places would have the biased SM3 large surface mount reed switches, designed to prevent magnet attacks, so much better than basic flush 20mm to 25mm door jamb Reed switches. I'd be curious to know if you have tried to bypass them.🤔👍 Edit: They were dear as poison. I think I paid AU$308 each back in 2006! We literally installed hundreds of them. 😮😮😮💰💰💰
@DeviantOllam2 жыл бұрын
Oh those surface mount ones are often balanced contacts, yeah. Specifically designed to make tampering a big challenge.
@MichaelMaynard2 жыл бұрын
Good to see you bro.
@carpespasm2 жыл бұрын
Sounds like they're the answer to the other side of the equation when the folks in suits ask you "so what do we do to fix this vulnerability?" Risk assessment is a spectrum from "IDGAF, a lock in a cheapo keybox is enough" to "SHTU DOON EVERYTHING" If the client is taken aback at a magnet bypassing a reed switch you already have a number in your head for how much it'll be to provide a solution.
@libertarian16372 жыл бұрын
I carry a Leatherman tool with me, along with that I have a small flashlight, small space pen, and a flat Leatherman bit holder with Philips, flat, tors, and Allen bits in common sizes; these all stay in a small maybe 2”x4” case on my belt as such I don’t travel with screwdriver bits or a universal bit holder. I like the minimum approach and agree with the bypass over other tools; in law enforcement bypass is by far the go-to and in doing security consulting nothing seems to have as much impact as a small simple tool overcoming what people think are secure.
@Duladian2 жыл бұрын
1:45 pets tail can be seen on the bottom right
@DarylBullard2 жыл бұрын
Hi Deviant! The extended straw is probably the only thing I wouldn't keep in the case, because you aren't carrying the canned air to use it with. Seems like something to keep in the field bag. Great information as always!
@kofro392 жыл бұрын
Not to put words into anyone's mouth here. but after watching this video i feel like i might be able to clarify something that i felt was danced around but never outright said. i believe what dev was going for in explaining the less is more approach is the impact you will have on the clients. prepare for the conversation that takes place after you leave. suits never want to admit they were wrong or unprepared about anything, if you show up tricked out in a bunch of fancy gear, the first thing that will be said when you leave is "well we are not expecting to be attacked by someone with thousands of dollars in special gear and years of training like that guy." But if you show up looking underplayed, professional, and let the work speak for you, the conversation after will be much more like " this guy just walked through here and got into every door we have with a pencil case full of crap from homedepot and a dumpster, nothing is safe, hire this guy to save us and our data!".
@dpunlasmith2 жыл бұрын
Whenever I do a physical pen testing consultation I start with explosive destructive entry. It’s just a lot more exciting that way.
@carpespasm2 жыл бұрын
Shock and awe. Sure to make an impression.
@Ariccio1232 жыл бұрын
My dad has given presentations at west point and brought me along. I'll say, not only is it a good example of physical security (being a fort and all), but it's a fucking amazing place to visit!!
@DeviantOllam2 жыл бұрын
yeah, getting to tour the Post with some of the Cadets and faculty has been amazing over the years
@Null--2 жыл бұрын
Use a yellow highlighter to mark keypads with yellow ink. Its completely invisible on metal keys and shows up under UV.
@drumset092 жыл бұрын
"Do more with less" wise words from a wise man.
@sciguy982 жыл бұрын
That evidence ruler looks just like the ones we got at the Forensic locksmithing class at ALOA, lol. I have exactly the same one.
@shadow.banned2 жыл бұрын
That compressed air trick was cool.
@timkarvelis3523 Жыл бұрын
If you are ever thinking of adding some more to this get a sog power pint it has a 1/4 inch bit tool while being a midsize multi tool
@stevenemery40382 жыл бұрын
What are your tips for someone that is getting out of an LEO/Military field and might be interested in moving into something more in line with covert entry and pen testing? Love your work and keep up influencing the newer generations.
@Teabagz4fun2 жыл бұрын
Dunno if it's been mentioned in the comments, but that extend-o straw, could that also be used in place of weed-whacker line for slipping latches with plate covers?
@shadow.banned2 жыл бұрын
Nice rug backdrop.
@SEKCobra2 жыл бұрын
"Wait. I can do that?" is the best salespitch.
@lukecowlishaw2 жыл бұрын
Would love to see how a walk through, and executive meeting goes, and any stories around that
@camronbay12 жыл бұрын
Excellent video.
@BrooksMoses2 жыл бұрын
I figure one point about not carrying the giant selection of elevator keys and whatnot -- that "Hey, you know that's a common key, here I've got one right here" story sells a whole lot better if you are pulling out a set of five or ten keys rather than a set of fifty.
@lenbones7940 Жыл бұрын
im a commercial master carpenter and i can say that lishi keys work and ive used them to make keys for building owners who have "back doors" that they've never owned keys for....ive installed and changed commercial door hardware in everything from regular retail stores to high security labs and hospitals and colleges and i can count on one hand the amount of doors ive encountered that those 4 lishis cant open and key throw a average key box key a decent jiggler and a few combs and you have what will allow u to enter 99.9% of building's atleast in my experience of almost 20yrs in Ohio.. btw the few doors i was talking about were always antique type locks on churches or colleges that are like early 1900s... the doors on these building's are installed by dudes like me and im atleast competent most aren't.. you talking about high school drop out felons who do this cuz the place was the only one that would hire them... i almost feel bad for people who rent offices or places to open a boutique store or what not.. it would prolly blow there mind if they knew a security camera thats well placed and able to hopefully get enough info (plates and faces) is basically the best they can do... and even then if they dont recognize who came in its almost a waste of time getting the cops to come and giving them the footage... id say its a coin flip if itll even get watched let alone investigated..
@Mesatchornug2 жыл бұрын
I recently saw a clip of a plastic film attack on a door handle. Like an under-door tool, but more portable. I wish I could find it now, because that seems like a compromise to carrying the full UDT.
@Trickyni2 жыл бұрын
How does your kit change for European jobs? Further- do you change your approach/attitude for European jobs? Loved the video, your tool breakdowns are always incredible ^^
@carpespasm2 жыл бұрын
More broadly, what would be some changes and concerns for physical pen testing that change based on building norms and code in different regions of the world? For example, I know in the US that the ADA requires lever handle doors be able to open from a pull up or a pull down, which is apparently just not so in many other parts of the world. Chinese domestic market locks often use eurolock barrels and have an entire wild world of keyways all their own. I'd really like to hear from some physical pen testers that live and work in different regions to see what they commonly come across.
@miguelangelsimonfernandez54982 жыл бұрын
what a nice video! thanks a lot
@bunyipdan2 жыл бұрын
Admin items ...... I thought you would use a covered clipboard (rather than an open one - seems rather exposed), a security id card fob necklace, 4 in 1 pen (all in one multi coloured pen with pencil for notes), thumb drive, otherwise other useful items might include.....carry a small amount of flattened duct tape wrapped around a card, and only because tubular locks are quite prevalent in my area, I might also consider either a tubular lock pick or at least a goat tension tool, maybe carry some replacement door hinge security screws for clients to reference an easy fix to pulling hinges.
@lucianolucas9885 Жыл бұрын
love your videos
@DarthNinjaCode2 жыл бұрын
*takes all the notes* always good to learn from you
@DeviantOllam2 жыл бұрын
I am happy to share!
@CtrlAltDft Жыл бұрын
you're a bro in the right way, thanks for the information
@yeetyboii2 жыл бұрын
Wanted to see how easy it is to find bitting charts for common german keys (as it happens I live there) and it turns out its much much harder to the point, that i havent found any yet. Im gonma admit my research wasnt that deep, but its not like putting "key bitting chart" into google and boom you have a ton of pictures and a few websites for finding those. Your talks have piqued my interest very much and I for sure will look into the whole topic a bit more, as pen testing and lock picking seems like a fun hobby to pick. Cheers to your great videos and have a great day!
@seanrutter34702 жыл бұрын
I locksmithed for a cpl years in days past and have dabbled forever since. It fascinates me how many people don't realize, and don't even check on common keys with codes on them. I work maintenance these days for a franchisee of a MAJOR quick service restaurant. There were no extra keys for a high pressure water access and a toilet paper dispenser (of all things.) A MINIMUM of online research and a bit of my own $ and I have the keys I need now.
@richardthomas7756Ай бұрын
Deviant. It is a pleasure to be able to watch your videos. I find them highly educational and informative. Could you please tell me something- where did you purchase your handheld magnetic field sensor from? I have been trying to get hold of one for a long time. Thank you
@robmobz2 жыл бұрын
The thing I would consider missing from that kit is a Gen 2 Magic MiFare Classic card. I don't know about in the US but here in the UK you can probably open around 1/3 offices with just that and 10 seconds with access to a badge with your phone.
@McSnarf2 жыл бұрын
Umm. Might be an Euro thing, but if you want to avoid physical damage, carry some PZ (Pozidriv) bits. Size 2, like Philipps, but also maybe a size 1. It DOES make a difference.
@carpespasm2 жыл бұрын
There's not much pozidriv in the US, pretty much all phillips. Using a phillips on a pozidriv or verse visa really does suck. I only know because the only pozidriv screws i've ever found in the wild came from Lidl as "particleboard screws". Same goes for working on motorcycles when you think it's a PH2 but it's a Japanese Industrial Standard 2 screw head. They're not pointy on the end.
@McSnarf2 жыл бұрын
@@carpespasm that's funny - because we use Philips mostly in stuff like particleboard construction, because the but head will cam out of the screw head when a certain torque is reached. There is a number of these cross pattern screw types - you will find JIS on a lot of electronics, to name just one, but PZ is probably the most common head here.
@PrivateUsername2 жыл бұрын
Have the rescue Jim laser-etched with the evidence ruler markings, and use a pull-off-able plastidip handle. The paracord looks tacticool, TBH.
@jamcdonald1206 ай бұрын
17:40 tubular pick? I thought everything around America uses tubular picks... or do those just fall under the master key thing.
@Epinardscaramel2 жыл бұрын
Those bags seem pretty nice as well
@LuminousWatcher2 жыл бұрын
I guess the impact is bigger with a piece of plastic foil as opposed to a bespoke tool.
@plasmaburndeath2 жыл бұрын
So my idea for you is to try and get this to an (accessory worn jewelry size kit), necklace/stopwatch, few basic looking rings, wrist-watch, maybe fake-cell phone case, and maybe even fake glasses (that have a few of the tools in arms for example) all to be even more covert.
@Greg-jy6ke2 жыл бұрын
Hey the keybar titanium hook insert is absolutely replacing all my traveler hooks, fits in my wallet and no longer do I get stabbed. It fits on thinner gap doors too
@flibodoor1232 жыл бұрын
I was taken away by your openness with regards to industry education from WWHF and other such event panels on YT, thank you for demystifying these methods and tools.
@TarahWheeler2 жыл бұрын
I love it!
@DeviantOllam2 жыл бұрын
💚
@phyphor2 жыл бұрын
A completely unbiased view from once security expert to another 😋
@ptrckstllr Жыл бұрын
I dont know how I'm just now seeing this video. Anyway, I'm trying to imagine actually using the tools as they're carried like that and it seems super awkward in my head. Unzip black case, take out blue case, set black case on floor, unzip blue case, take out tool, set blue case on floor, demonstrate use of tool, reverse order to put tool away and continue walkthrough. Or tuck cases under arm and try not to drop them while demonstrating tool 😂 Is that basically how it goes and it's just not as awkward as I'm making it sound or is there another way that I'm completely overlooking? I totally agree with the tacticool pouches looking out of place and unprofessional especially if worn in an actual chest rig configuration but there are less tacticool chest packs on the market and I feel like the hands-free capability would be more comfortable than the situation I'm visualizing. You're the pro; you know me, just a long time hobbyist follower over here. Hope to catch up at another con again sometime soon!
@kevenquinlan Жыл бұрын
Ahh, I mentioned in a comment about UV powder like 4 years ago as I hadn't seen you or anyone mention using it for keypads. A slightly better technique and less conspicuous is to put duct tape over the pad, then remove it. You can use a less adhesive tape too. Then you can just use fingerprint powder and you will be able to see which buttons are getting pushed. Plus, you won't have UV shit anywhere on the pad/ and, since the U has tons of labs, a technician inadvertently seeing your UV on his fingers, gloves when he's looking at shit under light or through a microscope. Of course, that's not applicable to most situations.
@SkunkCity_RC2 жыл бұрын
Thanks for the kit ideas
@DeviantOllam2 жыл бұрын
Any time!
@imark77777772 жыл бұрын
I would love to say that you should have a MasterLock bypass tool. you know a master lock #3 that can open itself. Or the other much beefier lock.