Well...
-
@derekheld @csgraves - It's its own thing. And its such a small and niche world. Even doing the debrief to the security team and going through our methodology... they aren't used to pentesters.
I got a lot of... "What was your childhood like?", lol! Hahaha!!!
-
@johnefrancis @csgraves - Yes.
And we have policy and procedure and methodologies and training and lots of things to minimize and prevent this.
But it's a thing.
-
@johnefrancis @csgraves - Yes.
And we have policy and procedure and methodologies and training and lots of things to minimize and prevent this.
But it's a thing.
-
Well... Last week was fun.
Broke into a building. Also broke into an industrial facility.
I had to climb sooo many fences and hop soooo much barbed wire.
I hadn't needed to do that in much too long of a time. I've been too sedentary for a short bit.
But I've still got it!
Hopped an 8ft security fence with about 1.5ft of barbed wire on top. My colleague violated HR protocols and helped me up with a swift push to my ass. I returned the favor by going into the target site and stealing a ladder. Brought it back and lobbed it over the fence so he could climb over.
All in all, a good run.
And with that, I am on a cutting diet now. Need to lose another 20 pounds. And I'm adding mobility training and maybe even climbing gym to my daily walks and weekly hikes. That'll help for the next run.
@tinker I don’t miss a lot of the work from my former career.
Physical pentesting is on the list, though.
-
-
@m4iler -
1) I commended him! I asked him to give me a boost. Heck... he might report me, hahaha!
2) I used old fashioned leather gloves. This was barbed wire, not razor/concertina wire. I don't fuck with concertina wire anymore. In the Marines, I had to bypass it. In the civilian world, I'll cut it and handle it with proper PPE - but I usually just avoid it. Barbed Wire is cool. Concertina wire is not.
3) Good on you! I'm glad you made it work!At some point we should do a run together. Definitely.
@tinker I'll get the client, house you, but your roommate is gonna be ugly as hell!
I actually work at a company where I was told "Heya, you can break in anywhere, hell that's what you're here for!"
(plot twist, I'll be the roomie)
-
@tinker I'll get the client, house you, but your roommate is gonna be ugly as hell!
I actually work at a company where I was told "Heya, you can break in anywhere, hell that's what you're here for!"
(plot twist, I'll be the roomie)
@m4iler - Here for it. I'm white-labeling right now so if you're serious, send me a DM and we can sort it out!
-
@m4iler - Here for it. I'm white-labeling right now so if you're serious, send me a DM and we can sort it out!
-
@johnefrancis @tinker @csgraves
The best Darknet Diaries episodes are the red teaming ones.
Oh I dunno, like this one
-
Well... Last week was fun.
Broke into a building. Also broke into an industrial facility.
I had to climb sooo many fences and hop soooo much barbed wire.
I hadn't needed to do that in much too long of a time. I've been too sedentary for a short bit.
But I've still got it!
Hopped an 8ft security fence with about 1.5ft of barbed wire on top. My colleague violated HR protocols and helped me up with a swift push to my ass. I returned the favor by going into the target site and stealing a ladder. Brought it back and lobbed it over the fence so he could climb over.
All in all, a good run.
And with that, I am on a cutting diet now. Need to lose another 20 pounds. And I'm adding mobility training and maybe even climbing gym to my daily walks and weekly hikes. That'll help for the next run.
@tinker without giving away all the secrets, where would one look if one were interested in physical pen testing careers? Any advice?
-
@tinker without giving away all the secrets, where would one look if one were interested in physical pen testing careers? Any advice?
@cyphercryptic_reboot - Generally physical pentesters get pulled from IT / Computer pentesters. So folks that have some experience hacking into computers will be asked to physically pentest a place as well. (Not always, but thats the bulk right now - as physical pentests are often offered by consultancies that offer logical and social pentests as well)
Folks getting into pentesting consultancies come from a wide background but often have IT security backgrounds (intrusion detection, vuln scanning remediation, bug bounties, patch management, security engineering, etc), military, law enforcement, etc. Again not always.
Its sort of a niche of a niche of a niche.
-
@johnefrancis @tinker @csgraves
The best Darknet Diaries episodes are the red teaming ones.
Oh I dunno, like this one
@maleve @johnefrancis @csgraves - Hahaha, I enjoyed that one
-
@cyphercryptic_reboot - Generally physical pentesters get pulled from IT / Computer pentesters. So folks that have some experience hacking into computers will be asked to physically pentest a place as well. (Not always, but thats the bulk right now - as physical pentests are often offered by consultancies that offer logical and social pentests as well)
Folks getting into pentesting consultancies come from a wide background but often have IT security backgrounds (intrusion detection, vuln scanning remediation, bug bounties, patch management, security engineering, etc), military, law enforcement, etc. Again not always.
Its sort of a niche of a niche of a niche.
@tinker thank you for the info!
-
@johnefrancis @tinker @csgraves
The best Darknet Diaries episodes are the red teaming ones.
Oh I dunno, like this one
@maleve
@johnefrancis @tinker @csgraves
Wow, I've listened to that episode before but somehow never made the connection that this Tinker is also THAT Tinker! 🤯 -
-
@maleve
@johnefrancis @tinker @csgraves
Wow, I've listened to that episode before but somehow never made the connection that this Tinker is also THAT Tinker! 🤯@emma @maleve @johnefrancis @csgraves
@tinker contains multitudes
-
@csgraves - The joke answer is "All law enforcement is distracted right now in my country, so who would prosecute me?"
The real answer is... I'm paid to do this. It's my day job. Usually I'm sitting at home hacking into computers. But sometimes I get paid to break into places physically.
Generally it's for testing security. So folks will pay me to break into their own buildings to see where the holes are or how well their security guards react to me.
I pay my taxes. Everyone's happy.
@tinker fair enough. I was probably a bit too hasty with my declaration there, and I get it.
-
@tinker fair enough. I was probably a bit too hasty with my declaration there, and I get it.
@csgraves - Oh no worries at all. Its certainly not a "normal" profession.
-
@maleve
@johnefrancis @tinker @csgraves
Wow, I've listened to that episode before but somehow never made the connection that this Tinker is also THAT Tinker! 🤯@emma @tinker @maleve @johnefrancis @csgraves
Hahaha !
Same here ! Enjoyed the reading. -
R AodeRelay shared this topic
