All in Physical
I had another physical pentest. I prepared for this one for 3 months. I recon’ed the target and prepared my story, then I got to work making sure that when I got there it would go as smooth as it could possible be.
My customer specifically asked for an “overt” pentest, that means that I had to walk through the front door to achieve my target.
Don't Get Caught!
That’s one of my most important rules. It applies to both digital and physical pentests. Cover your tracks and become invisible.
Well, in this particular physical penetration test I got caught. It was partly my fault and partly the fact that my customer has well trained security personnel.
I succeeded in completing the pentest but just as I thought I was going home safe, I got caught, thrown to the ground and threatened to be shot if I didn’t comply with what the security personnel was saying.