How to Break into Organizations with Style

Author: Julia Zduńczyk – SEC-T best speaker and CONFidence top speaker

Have you ever wondered how Red Teamers enter buildings’ high-security areas? During this presentation, you will get the opportunity to learn about the strategies, instruments, and methods we employ to breach access control systems.

The presentation combines the information needed for entering locations secured by access cards and is based on the experience and examples gathered during the Red Team assessments.

Julia Zduńczyk will demonstrate to you throughout the presentation how she used techniques like card cloning to get inside organizations:

• you’ll learn the fundamentals of RFID technology and how to scan and duplicate access cards using Proxmark3, along with a demonstration of the device’s functionality,
• you’ll explore a few of the most prevalent configuration problems with access control systems and discover how to take advantage of them to get more access and escalate privileges.
• you’ll also discover the technical and social engineering components of card scanning during a Red Team Assessment, using an example of a full kill chain that allowed Julia Zduńczyk to enter extremely secure parts of a building after beginning at zero access.
• Last but not least, you’ll learn how to defend your company from these kinds of attacks.
• Let’s discover how to break into organizations with style!

Presented at: CONFidence, SEC-T, No Hat

Julia Zduńczyk IT Security Consultant